How to Pass Resources Protected With a User Login to Forge Design Automation

In a recent interaction with a Forge customer, we noticed that all of their resources are stored in a server protected with user login credentials, unlike generic cloud storage service providers which follow oAuth bearer token authorization to access files from their respective cloud storage. These home grown servers follow the rules of basic access authentication.

For example, when you try access a drawing resource, a login window pops up, breaking the design automation workflow. In order to continue the workflow, the design automation service must be able to understand relevant authorization information.

So to use Basic Authentication, a header is added to the HTTP Request. It looks like this:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==, where "QWxhZGRpbjpvcGVuIHNlc2FtZQ==" is just "username:password" encoded in Base64

A typical Workitem payload with Basic Authentication passed in Header:

{
	"Arguments": {
		"InputArguments": [
			{
				"Resource": "http://120.138.8.50:8080/drawings/1543468882182_FloorPlanSample_Master.dwg",
				"Name": "HostDwg",
				"Headers": [
					{
						"Name": "Authorization",
						"Value": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
					}
				]
			}
		],
		"OutputArguments": [
			{
				"Name": "Result",
				"HttpVerb": "POST"
			}
		]
	},
	"ActivityId": "PlotToPDF"
}

As I discussed above, the value QWxhZGRpbjpvcGVuIHNlc2FtZQ== in Headers is a base64 encode of username:password [Note: a colon between the username & password is important. The encoded value should be prefixed with Basic].