Username and password authentication is a widely used method for securing APIs and applications. It involves verifying user credentials to grant access to protected resources. This straightforward and reliable approach works well for many use cases, providing a simple yet effective way to ensure that only authorized users can interact with the system.

Setup your security for this tutorial i have two user roles

1. Administrator
2. User

Create a folder Security -> right click -> Other -> Published Rest Service -> Give the name PRS_Security.

Open your PRS_Security -> C heck mark Username & password -> Select User in the allowed roles.

Add resource(Security) -> Add operation for Security resource -> Select GET Method & in the microflow select your GetBookDataByQueryParameters microflow from APIPARAMETERS.

Go to PRS_Security -> Open your GET/Security -> Add two query parameters :-

1. BookName String type & in the microflow parameter select your BookName parameter.

2. Price Decimal type & in the microflow parameter select your Price parameter.

Lastly, Select your export mapping(EXP_Book) from APIPARAMETERS folder.

Now run the application & test it.

Copy your username & password from App Security -> Demo Users.

Make sure you have configured your security successfully.

Here, I copied the credentials for demo_user because I selected User as the user role. If you select a different user role, please copy the Username & Password for that specific user.

First authenticate with your username & password then execute this.

For testing in POSTMAN

http://localhost:8082/rest/prssecurity/v1/Security?BookName={BookName}&Price={Price}

I hope this article has helped you understand How to implement Username & Password Authentication in Mendix APIs.

Thanks for reading this! See you in the next blog post.