In this part of the Consumed API Series, we’ll explore how to authenticate API calls using Username & Password (Basic Authentication) in Mendix. This is one of the simplest and widely used methods to secure APIs. You’ll learn how to pass credentials securely while consuming APIs using Call REST Service in a Mendix microflow.
Dependencies:-
Published USERNAME & PASSWORD AUTHENTICATION API
You can find the published API endpoint URL below. For a better understanding of how this API was created, please refer to the previous article linked above.
Endpoint URL :- http://localhost:8082/rest/prssecurity/v1/Security?BookName={BookName}&Price={Price}
username :- demo_user
password :- OccZsvI10q81
headers :-
Key: Content-Type
Value :'application/json'
Go to MX Studio Pro, Create a microflow name it DS_GetBook.
Go to DS_GetBook
1.Create two variables , first for BookName(String) & second for Price(Integer) for search Book objects.
I am passing static values you can add dynamic according to your need.
Important:- We have to replaceAll white spaces with %20 Otherwise, the API request may fail or return a 400 Bad Request error.
2. Take a Call REST Service activity -> Under General tab pass your endpoint URL & select HTTP method(GET).
Make sure to replace the {BookName} with {1} & {Price} with {2} and in the parameter pass your previously created $BookName & toString($Price).
3. Go to HTTP Headers tab, enable authentication & pass the above username & password, in the custom HTTP headers pass above headers.
4. Go to Response tab -> Select your previously created IMP_Book import mapping & click yes Store in variable.
5. Take a retrieve activity -> Select retrieve by association & select the $Root/JsonObject_Root.
6. Lastly, return the $JsonObjectList.
Go to Home_Web page -> Take a datagrid, Under DataSource tab select DS_GetBook microflow as a dataSource.
Now run the application & test it.
Important:
Since you’re using two different Mendix applications — one to publish the API and another to consume it — make sure the application where the API is published on localhost is running before making any API calls from the other app. If the publishing app isn’t running, the API request will fail.
The grid is showing only one record because there’s only one exact match available.
Conclusion:
I hope this article has helped you understand How to Consume Username & Password Authentication API in Mendix.
Thanks for reading this! See you in the next blog post.