Client ID Secret Encoded Validation

The Client ID Secret Encoded Validation interceptor identifies a request header that contains a client ID and a client Secret encoded in Base64, and validates if the information is correct. I’s widely used with mobile apps, in which both codes (client ID and client secret) must be validated.

The header should follow the Basic Base64 (clientID:clientSecret) model.

Example of header:

Basic OWI1Zjc3MWUtNzgyZC0zNTEwLWI2YmEtMzZlOWM2NWJmZDVkOmRhZGQ0NzQyLTdiMGQtM2U2My1iMmMwLThmOTUzMWRmMzMyZQ==

To configure this interceptor, fill out these fields:

  • Name (to be found in the header); and

  • Response Content-Type, stating the format in which data will be returned in case of any validation problem. The possible values are application/json and text/plain, with the first being the default value.

clientId secret encoded validation
If your API returns the status code 401 Unauthorized when using this interceptor, the token may be invalid. See more details on this page of our FAQs.
Thanks for your feedback!
EDIT

Share your suggestions with us!
Click here and then [+ Submit idea]