Red Hat Integration - Service Registry
  • Preface
  • Installation
    • Setting Up Project
    • PostgreSQL Database Deployment
      • Install Crunchy Postgres for Kubernetes Operator
      • Deploy PostgreSQL Database
    • Service Registry Deployment
      • Install Service Registry Operator
      • Configuring Service Registry
  • Testing
    • Testing Service Registry
    • REST API Testing Using Postman
    • Performance Testing Using hey
  • Security
    • Securing Service Registry
    • Red Hat Single Sign-On Deployment
      • Installing Red Hat Single Sign-On Operator
      • Deploy Red Hat Single Sign-On
      • Create Keycloak Realm For Service Registry
    • Configuring Service Registry
      • Service Registry with HTTPS
      • Service Registry without HTTPS (less secure)
      • Configuring Service Registry
      • Enable HTTP Basic Authentication
      • Enable Annonymous Read Access
      • Enable Role-Based Authorization
    • Testing Secure Service Registry API
  • Client Application
    • Create SSO Client for Application
    • Kafka Client Application
  • Appendix
    • CRD References
    • Installation Helper Script
    • Service Registry & SSO Integration with Self-Signed Certificate
Powered by GitBook
On this page
  1. Security
  2. Configuring Service Registry

Enable HTTP Basic Authentication

PreviousConfiguring Service RegistryNextEnable Annonymous Read Access

Last updated 2 years ago

By default, Service Registry supports authentication using OpenID Connect. Users (or API clients) must obtain an access token to make authenticated calls to the Service Registry REST API. However, because some tools do not support OpenID Connect, you can also configure Service Registry to support HTTP basic authentication.

Apicurio Registry supports both OAuth and BASIC auth at the same time. a custom authentication handler has been implemented to use OAuth Client Credentials flow to support BASIC auth. In other words, the client can provide BASIC auth credentials, and the server-side custom handler will extract the username/password and then use OAuth Client Credentials flow against the Keycloak server to obtain an access token. Once that is done, everything else works the same as if the client had provided an OAuth bearer token to begin with.

To enable HTTP basic authentication, login to Service Registry web console with administrator privilege i.e. registry-admin account you've created in this section. Go to Settings tab, then enable the HTTP basic authentication option.

Enable HTTP basic authentication