Callout notifications configured with authentication must include an authentication header for successful delivery. Callouts can fail if endpoints are not compliant with RFC 7617 or if credentials are not valid.
Check Authentication on Callouts
After you have configured a callout notification, perform the following steps to check callout authentication:
- Verify that the Callout Authentication check box is selected.
- Run the following curl command to validate the user name and password credentials.
$ curl -v [callouts endpoint URL] -u username:password
If the user name and password are valid, a
200 OKHTTP response is returned.
- Ensure that the callout endpoint is RFC 7617 compliant. Specifically, the callout must return a WWW-Authentication header for 401 status.
$ curl -v https://httpbin.org/basic-auth/user/passwd * Hostname was NOT found in DNS cache * Trying 184.108.40.206... * Connected to httpbin.org (127.0.0.1) port 443 (#0) * TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 * Server certificate: *.httpbin.org * Server certificate: COMODO RSA Domain Validation Secure Server CA * Server certificate: COMODO RSA Certification Authority * Server certificate: AddTrust External CA Root > GET /basic-auth/user/passwd HTTP/1.1 > User-Agent: curl/7.37.1 > Host: httpbin.org > Accept: */* > < HTTP/1.1 401 UNAUTHORIZED * Server nginx is not blacklisted < Server: nginx < Date: Tue, 08 Sep 2015 08:21:27 GMT < Content-Length: 0 < Connection: keep-alive < Access-Control-Allow-Origin: * < Www-Authenticate: Basic realm="Fake Realm" < Access-Control-Allow-Credentials: true