Invoke a SOAP Endpoint with an Explicit Authorization Header
For the Basic Authentication security policy, the runtime message includes an Authorization HTTP header with a BASIC mechanism only (for example, Authorization: Basic base64_content_of_credentials).
The authorization header can be overridden in the mapper under Connectivity Properties > Security Properties > Authorization in the outbound request mapping to pass dynamic credentials. However, this header also restricts use to the BASIC mechanism only.
To support a different mechanism such as the BEARER mechanism (for OAuth or JWT token) in the outbound direction, the Authorization HTTP header is enabled in the SOAP Adapter Request-Headers page. Perform the following steps to enable this support.
- Create a SOAP Adapter connection.
- Select No Security Policy.
- Configure the SOAP Adapter as an invoke connection in your integration.
- Select Yes for Configure Headers on the Headers page.
- Select the Standard HTTP Headers checkbox in the Request Headers section.
- Click + to enable the header list on the Request-Headers page.
- Select the Authorization
header.
- Complete adapter configuration.
- Open the mapper.
The Authorization HTTP header is visible under the Headers > HTTPHeaders section of the request mapping. Use this to pass any value to the target endpoint.