Oauth - Passing Authorization Header

Document ID : KB000044094
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

How to pass the following Authorization header to the Service Provider in an Oauth Federation transaction?

Authorization: Basic, using client_id as username and secret as a password 

Answer:

1. In the Federation Partnership, navigate to the SSO tab and check the box titled "Support Authorization Header".

2. The functionality of this checkbox is: 

Specifies whether an authorization server must verify the authorization header for the client credentials. If you select this option, the system sends the client credentials in the authorization header. If you do not select this option, the system sends the client credentials in the request-body by using the client ID and client secret.