Set Authorization

Sets outbound authorization information for backend requests.

Use the Set Authorization policy to set or override authorization headers or tokens that are sent to downstream services.

For more information on the policy parameter descriptions, see DataPower Nano Gateway documentation.

Example of a Set Authorization policy in code view.

apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: basic-custom
  namespace: lwgw
spec:
  basic:
    static:
      username: "aaa"
      password: "bbb" #secret
    valueType: "plain"  # plain | jsonata
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: basic-incoming
  namespace: lwgw
spec:
  basic:
    useIncoming : {}
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: oauth2-custom
  namespace: lwgw
spec:
  oAuth2:
    token : "atfqI-QW3HXqF1hkot1e6hJDIj4qHnwTEUXiGJFf09k.SRHhlx6wlDz5GZncAr99HfM7FUbDQlUg73MapL0TJ2I"
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: oauth2-incoming
  namespace: lwgw
spec:
  oAuth2:
    useIncoming: {}
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: ntlm-incoming
  namespace: ntlm
  version: 1.0
spec:
  ntlm:
    useIncoming: {}
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: ntlm-transparent
  namespace: ntlm
  version: 1.0
spec:
  ntlm:
    transparent: {}
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: ntlm-transparent
  namespace: ntlm
  version: 1.0
spec:
  ntlm:
    static:
      username: ''
      password: ''
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: jwt-incoming
  namespace: ntlm
  version: 1.0
spec:
  jwt:
    useIncoming: {}
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: kerberos-2
  namespace: kerberos
  version: 1.0
spec:
  kerberos:
    useIncoming: {}
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: kerberos-3
  namespace: kerberos
  version: 1.0
spec:
  kerberos:
    delegateIncomingCredentials:
      clientPassword: ''
      clientPrincipal: ''
      servicePrincipal: ''
      servicePrincipalNameform: 'Username' # Username|Hostbased
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: kerberos-4
  namespace: kerberos
  version: 1.0
spec:
  kerberos:
    incomingHTTPBasicAuthCred:
      servicePrincipal: ''
      servicePrincipalNameform: 'Username' # Username|Hostbased
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: kerberos-5
  namespace: kerberos
  version: 1.0
spec:
  kerberos:
    useCustomCredentials:
      clientPassword: ''
      clientPrincipal: ''
      servicePrincipal: ''
      servicePrincipalNameform: 'Username' # Username|Hostbased
  message: "request"
---
apiVersion: api.ibm.com/v1
kind: SetAuthorization
metadata:
  name: anonymous
  namespace: kerberos
  version: 1.0
spec:
  anonymous: {}
---