Integration with HashiCorp Vault using Authentication URL in IBM API Connect
In IBM API Connect, the Authentication URL user registry provides a simple way to integrate with other user registry, authentication service and so on. It’s basically a URL that accept HTTP Basic authentication request, if the authentication is successful, a HTTP OK status should be return. The API operation need to be authenticated can then proceed.
As its a simple HTTP service, we can provide our own logic to achieve the integration with other service. Here let’s say, the API users and their credential are managed by HashiCorp’s Vault. To authenticate the APIs with the Vault, we could develop a custom HTTP handler service, in which we integrate the Vault service. The API could then use HTTP basic authentication with the custom Authentication URL user registry.
Let’s check it out.
Create the Vault Secret Path
Setup the Vault.
Then create the following path, started with a project name, to store the API users credentials.
vault kv put -mount=secret {{ .project }}/user1 username=user1 password=passwordThe HTTP Handler
Create a simple Golang http handler program,
package main
import (…