Trying to do a test using basic auth to access Apigee Edge API Proxy and found after successfully verify api key the variable verifyapikey.VerifyAPIKey.client_secret value is blank. Here is the policy I’m using in PreFlow:
verify-api-key
According to following link after VerifyApiKey policy executed successfully the variable verifyapikey.VerifyAPIKey.client_secret value is blank when I using trace:
https://community.apigee.com/questions/19248/can-you-validate-client-key-and-secret-without-gen.html
Any suggestions? Thanks.
After verify-api-key step, I have following step, which catched the mismatch:
verifyapikey.VerifyAPIKey.client_secret != request.queryparam.password RaiseFault-SecretMismatch
Have some additional findings, if I remove the Condition step, actual in the next step I can see the flow variables populated correctly. Now the issue looks like related to the way how to add the Condition step, should this be wrapped in a policy in order for it to use the flow variables?
Found the issue, in Condition the variable name need to be surrounded by {…}, found this when reading https://community.apigee.com/questions/34852/apikey-from-oauth-for-use-in-separate-proxy-with-s.html {verifyapikey.VerifyAPIKey.client_secret} != {request.header.password} RaiseFault-SecretMismatch
That seems surprising. But I’m glad you got it sorted!