1. Home
  2. Tutorials
  3. Working with APIs
  4. Authenticate API Requests with Basic Auth

Authenticate API Requests with Basic Auth

APIs using basic auth require client apps to send a username and password in order to access data via requests. Basic auth is often used to provide access to user accounts where you are connecting to your own backend data from an app, rather than connecting to data from a third party web service, in which case additional levels of security are typically required. If your app is using an API secured with basic auth, you will need to specify that in your Swagger/OpenAPI specification and configure it in the Dropsource editor as follows.

ⓘ Note

If you aren’t using Basic Auth, check out the tutorials for API Key and OAuth2 Password authentication.

  1. Indicate basic auth in your Swagger/OpenAPI specification securityDefinitions at the root level of the document, by including an entry with a name of your choice and a type value of basic:

    Apply basic auth by specifying the name you used in the securityDefinitions ( basicAuth in the example code) inside the sections for individual paths in your spec, or to the entire API by adding at the root level:

  2. Upload your specification file into Dropsource by opening the API tab on the right of the editor and clicking the plus plus button.

    add api

    Click Choose and upload your file – you will see an indicator when it has been imported into your project.

    users api added

    Close the API modal – you will see your new API in the API tab.

  3. You will store the username and password in Device Variables so that they are accessible throughout the project. In Variables on the left of the editor, create two Device Variables – one for the username and one for the password, making them both Swift/Java String type.

    username password vars

  4. Assign values to the username and password variables. For example, if they are going to be entered by the user and your app contains a login page, add two Text Fields (with Secure Text Entry selected for the password field) and a Button, then use Set Value Actions in the Button Tapped Event, setting the variables to the Text values of the Text Fields.

    set password

    Later you may want to add a Run API Request Action to this Event to log your user in, once you have auth configured and a request added to the page.

  5. In the API tab, configure security for the API you added by clicking Set Authentication above the list of endpoints.

    set auth

  6. Select the two Device Variables for the username and password fields.

    basic auth variables

Once your auth workflow and configurations are in place you can go ahead and add requests to the pages in your app, using Run API Request Actions to execute them. As long as your requests run once the Device Variables are set they should be authenticated, and ready to connect to data for the user account.

Was this article helpful to you? Yes No

How can we help?