"Authorization": "Basic " not included in OAuth migration? | Community
Skip to main content
filipe23353816
filipe23353816
Level 2
September 1, 2023
Question

"Authorization": "Basic " not included in OAuth migration?

  • September 1, 2023
  • 2 replies
  • 751 views

Hi,

Maybe a dumb question but we have API calls using the  "Authorization": "Basic " ... and does that mean that it does not make use of Service account (JWT) credentials? So such a process would not need to change when we migrate our Service account (JWT) projects to OAuth?

Best regards,

Filip

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

2 replies

tmj
Adobe Employee
tmjAdobe Employee
Adobe Employee
September 2, 2023

@filipe23353816 I cannot answer authoritatively as I don't know your code well. However, it does sound that you are right. Service Account (JWT) credentials use bearer tokens and not basic authentication. 

 

I think another reasonable tell would be the domain name of the API calls made with the `Authorization: Basic XXXX' header. If the calls are not going to https://ims-na1.adobelogin.com/ims/token/ , then you can certainly skip them as they are not impacted by this migration. 

 

Hope this helps.

Thanks
Manik

EstebanBustamante
Community Advisor and Adobe Champion
EstebanBustamanteCommunity Advisor and Adobe Champion
Community Advisor and Adobe Champion
September 12, 2023

Correct.

The "Authorization": "Basic " means you are using a regular "Username / Password" as an authenticate method to access your instance. This of course is not ideal because you have the password exposed in your code and represents a security breach. That's why you should use any other more robust authentication method such as JWT or OAuth. But beyond the security issue (if you accept the risk) you should be fine, you don't have to migrate it.

Esteban Bustamante
    Terms & ConditionsAccessibility statement

    Loading footer...