{"id":11937,"date":"2022-02-23T17:32:49","date_gmt":"2022-02-23T17:32:49","guid":{"rendered":"https:\/\/www.directimpactsolutions.com\/?p=11937"},"modified":"2024-01-02T16:11:44","modified_gmt":"2024-01-02T16:11:44","slug":"basic-authentication-in-api-integration","status":"publish","type":"post","link":"https:\/\/www.directimpactsolutions.com\/en\/basic-authentication-in-api-integration\/","title":{"rendered":"Basic Authentication in API Integration"},"content":{"rendered":"
\"basic<\/figure>

Of all the FileMaker features introduced in the past five years, many feel that being able to specify cURL options for the Insert from URL script step is the most impactful. Why might that be?<\/p>

With this feature, all third-party web services with APIs can be extensions of our FileMaker solutions, which expands what our FileMaker solutions can do. Developers can confidently take on web integration requests, and deliver them across the entire product line, including WebDirect and FileMaker Go.<\/p>

Integration projects usually start with authentication. This article will explain how to approach basic authentication for a web integration.<\/p>

Identify the endpoint URL for our requests<\/h3>

When integrating with a web service, the first thing you must do is authenticate. The simplest scheme of authentication is called Basic Authentication. Basic Authentication asks you to provide a username and password to verify your identity and gain access.<\/p>

Basic Authentication is quite common. In fact, FileMaker\u2019s Admin API on FileMaker Server uses this method. In this post, we\u2019ll use FileMaker\u2019s Admin API to construct an HTTP call for basic authentication.<\/p>

First, we need to know where to send our request. The target of our request is called an endpoint URL.<\/p>

FileMaker Admin API Documentation<\/h3>

The easiest way to find that out is by reading the API documentation. API documentation can be intimidating to read, so we\u2019ll use the FileMaker Admin API documentation in this example. We\u2019ll point out the key information and how to interpret it.<\/p>

The FileMaker Admin API documentation is installed when you install FileMaker Server. To access it, you can type the following URL in your web browser. Be sure to replace the host with your own host address. If you are on the host machine, you can use \u201clocalhost\u201d as the host address.<\/p>

https://<host>\/fmi\/admin\/apidoc\/<\/code><\/pre>
The picture below shows what the FileMaker Admin API documentation looks like for the authentication method. On the very first line, it shows me the path (\/user\/auth) to access the authentication method.<\/p>
\"\"<\/figure>
Admin API documentation for authentication<\/p>
An endpoint URL is usually made of two parts: a root endpoint and a path. The root endpoint is usually described very early in the API documentation. Look for pages titled \u201cGetting started,\u201d or \u201cThe Basics,\u201d or \u201cOverview.\u201d For some APIs, your root endpoint might be unique to your user account. In those cases, you can typically find your root endpoint under your user\/account setting.<\/p>
For the FileMaker Admin API, the root endpoint is:<\/p>
https://<host>\/fmi\/admin\/api\/<version><\/code><\/pre>
When we concatenate the root above with the path (\/user\/auth) we found, we get the full endpoint URL that our request should be sent to:<\/p>
https://<host>\/fmi\/admin\/api\/v2\/user\/auth<\/code><\/pre>
Other API documentation typically provides path information in a similar format, especially if it\u2019s a REST API.<\/p>
Mailchimp API Documentation<\/h3>
Here\u2019s an example from Mailchimp\u2019s API documentation. After the method, it shows the path (\/authorized-apps). If we are integrating with the Mailchimp API and want to call this method, we\u2019d need to find our endpoint root for Mailchimp, then append the path to get the full endpoint URL.<\/p>
\"\"<\/figure>
Specify the cURL options<\/h3>
Now that I know where my request should go, let\u2019s work on the cURL option. cURL options are information provided to the receiver of our request to help with the interpretation and processing of the request. This is like what we would write on an envelope to help a letter get delivered.<\/p>
cURL is a big subject. This article won\u2019t cover full details about it. My goal is to provide a basic understanding and something you can copy and paste into your own solution. I\u2019ll write more about cURL options in separate articles.<\/p>
Here\u2019s the sample code to put into the cURL option in your \u201cInsert from URL\u201d script step:<\/p>
\"--request POST\" & \n\" --header \\\"content-type: application\/json\\\"\" & \n\" --data @$requestBody \" & $endpointURL & \n\" --user \" & Quote ( $username & \":\" & $password ) \n\/\/& \" --header \\\"Authorization: Basic \" & Base64EncodeRFC ( 4846 ; $username & \":\" & $username )  & \"\\\"\"<\/pre>
Basic Authentication<\/h3>
For Basic Authentication, we need to specify 4 parameters:<\/p>