Is it possible to use Digest Auth in HTTP module?
- If yes: how?
- If not: what you suggest?
1 Like
Hi @ITSM_Costalis ,
Welcome to the make community!
I’ve looked into Digest Authentication, and it does look like it should be possible with Make, but I’ve not personally tried it.
You’d need two HTTP modules. The first module would ping your URL. The server should then return the nonce that you can hash in the second HTTP module. The first HTTP module will return 401 error, so you’ll need an error handler to direct the flow to your second module.
Something like this:
How familiar are you with Make and Digest Authentication? Would you like more detail, or is that enough to get you started?
4 Likes
@Terry_Hopper could you share a blueprint of an example? I could never get the digest authentication to work.
Hi @Zbulo ,
I don’t have an example to share yet. The screenshot above was a mock up of how the two modules would interact.
Do you have an example of a (free!) service that uses Digest authentication that I could set up a connection to? I could then get it set up and share the blueprint.
2 Likes
Thanks for the offer @Terry_Hopper. Unfortunately, I don’t have a service at hand. In my case, I’m trying to connect to the API of a device. Perhaps @ITSM_Costalis had one at hand?
Hi @Terry_Hopper,
Thanks so much for your input here!
When I make a --digest auth call, I end up with a nonce (and an “opaque”) value in the collection of output headers that I can access in the following step - no error handler needed:
Digest realm="bsns-admin"
qop="auth,auth-int"
nonce="6f6dfb807bc5d7e84d2b"
opaque="934a0ef735ce666370ede"
I’ve seen another proposed solution, but there is just a picture of the scenario flow - no details on the config: Digest Auth for my Clock PMS custom app - #4 by andrtvrd
What do I do with the nonce to achieve digest authorization?
My understanding is that I need to hash per MD5, but not sure what all to stick in there or how to invoke the results in a subsequent HTTP call 
Thanks!
for reference: What is digest authentication? - Stack Overflow
Hi @mixelpix,
The Wikipedia page on this is very good:
So in Make, you’ll need to (1) extract “realm”, “nonce”, and “opaque” from that header, (2) calculate the “response” value (which is the MD5 hash(s) including your username and password), and then (3) build up the “Authorization” header in your second HTTP module.
I’ve seen another proposed solution, but there is just a picture of the scenario flow - no details on the config: Digest Auth for my Clock PMS custom app - #4 by andrtvrd
The Text Parsers in this example where presumably to read the values from the returned header, before calculating the response.
You’ll need to add a custom header to you HTTP Module to pass the results back to the server. Like this:
Because the “qop” (Quality of Protection) from your server includes “auth”, you’ll calculate your response using this format:
So your setup in Make, may look more like this:
Hopefully this gives you a head start. Do come back to the community if you run into any problems!
3 Likes
Thanks so much, @Terry_Hopper !
I hafta put this effort on hold for right now, but will return here with a solution.
In these kinds of situations, I usually use curl in the command line rather than Postman. Adding a -v flag to the curl command, I see how I am ending up with:
< ...
< HTTP/2 401
< date: Sat, 28 Oct 2023 17:09:07 GMT
< content-type: text/html; charset=UTF-8
< server: nginx
< www-authenticate: Digest realm="prisma-admin", qop="auth,auth-int", nonce="b01cac22070514b34126a0ba4833a52c", opaque="709b3d2eed0439ed29788de47a205f1c"
< x-frame-options: sameorigin
< x-frame-options: sameorigin
<
* Connection #0 to host api.getalma.com left intact
…so onwards I’ll be parsing out the values I need from the www-authenticate key 