Callout notifications configured with authentication must include an authentication header for successful delivery. Callouts can fail if endpoints are not compliant with RFC 2617 or if credentials are not valid.
After you have configured a callout notification, perform the following steps to check callout authentication:
$ curl -v [callouts endpoint URL] -u username:password
If the user name and password are valid, a
200 OK HTTP response is returned.
$ curl -v https://httpbin.org/basic-auth/user/passwd * Hostname was NOT found in DNS cache * Trying 188.8.131.52... * Connected to httpbin.org (127.0.0.1) port 443 (#0) * TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 * Server certificate: *.httpbin.org * Server certificate: COMODO RSA Domain Validation Secure Server CA * Server certificate: COMODO RSA Certification Authority * Server certificate: AddTrust External CA Root > GET /basic-auth/user/passwd HTTP/1.1 > User-Agent: curl/7.37.1 > Host: httpbin.org > Accept: */* > < HTTP/1.1 401 UNAUTHORIZED * Server nginx is not blacklisted < Server: nginx < Date: Tue, 08 Sep 2015 08:21:27 GMT < Content-Length: 0 < Connection: keep-alive < Access-Control-Allow-Origin: * < Www-Authenticate: Basic realm="Fake Realm" < Access-Control-Allow-Credentials: true