You have a authentication microflow to determine the user. That means that the current user is not known yet.
If you want to identify the user by username and password, you don’t need an authentication microflow, you can select Username and password authentication.
So you want to have basic authentication and more? The different authentication options allow different ways of authentication. So clients can use basic authentication or custom authentication.
If you want to do basic authentication and more, you have two options:
> first the custom authentication is done and then the basic authentication
Custom authentication and basic authentication are alternatives, so users either authenticate via the one mechanism or the other. It’s not and. If the custom authentication does not authenticate the user (the microflow returns empty), the system will attempt to authenticate the user using basic authentication.
> Do I realy need to implement the basic authentication myself
No. I would suggest you don’t use custom authentication. Use basic authentication. What you were doing in the authentication microflow, do that in the operation microflow.
Hi Joost, thanks for your reply and explanation!
Looking at the flow chart in the documentation:
https://docs.mendix.com/refguide/published-rest-routing
I see that first the custom authentication is done and then the basic authentication. Can I not just use it un this order?
Do I realy need to implement the basic authentication myself (or do you have an any example how to do it (with the mendix internal hashing)
Thanks, Andreas
Hi Joost, thanks for your help:
I tried to implement your second proposal, but my problem is that i did not find a way how I would then respond with a HTTPresponse e.g. with an error, like it happens in the custom or basic authentication.
Do you know a way to do it? Or is there an example of basic authentication microflow that I can reuse and extend?
Thanks, Andreas