What options do I have for authenticating an action?

Avatar

Avatar
Validate 1
Level 1
oliverf82757722
Level 1

Likes

0 likes

Total Posts

28 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Applaud 5
View profile

Avatar
Validate 1
Level 1
oliverf82757722
Level 1

Likes

0 likes

Total Posts

28 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Applaud 5
View profile
oliverf82757722
Level 1

29-10-2020

I'm trying to create a headless application which essentially just transforms some JSON and puts it into the Adobe Analytics Data Insertion.

The call into the analytics data insertion doesn't seem to require any authentication.

I don't want to remove the `require-adobe-auth` from the manifest but I'm not sure what my options are if I do that?

All I'm trying to do is to call an external service. I don't need to add an API or anything that requires auth but I'm just getting a bit lost in the documentation.

 

I've been asked to explore using basic auth for this but I just don't know if that's possible. Thanks

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Give Back 25
Employee
duypnguyen
Employee

Likes

37 likes

Total Posts

174 posts

Correct reply

32 solutions
Top badges earned
Give Back 25
Boost 25
Applaud 5
Give Back 5
Give Back 3
View profile

Avatar
Give Back 25
Employee
duypnguyen
Employee

Likes

37 likes

Total Posts

174 posts

Correct reply

32 solutions
Top badges earned
Give Back 25
Boost 25
Applaud 5
Give Back 5
Give Back 3
View profile
duypnguyen
Employee

29-10-2020

If the Analytics Data Insertion API doesn't require any authentication, you don't need `require-adobe-auth`. However, I understand that you still want "some protection" for your action.

What you could do is adding `require-whisk-auth` to the manifest, its value is a secret hash. Then from the calling system you make request to your action with this header `X-Require-Whisk-Auth: secret_hash`. Other requests without this header would be rejected.

Reference: https://github.com/AdobeDocs/adobeio-runtime/blob/master/guides/securing_web_actions.md

Answers (0)