Skip to main content

Message sequence for Zuora callout basic authentication

Zuora

Message sequence for Zuora callout basic authentication

The basic authentication for Zuora callouts is compliant with RFC 7235 and RFC 7617.

See the following message sequence for the default flow of Zuora callout basic authentication.

  1. Zuora sends an HTTP request to the callout receiver with no credentials.
  2. The callout receiver responds to Zuora with a 401(Unauthorized) response that has a WWW-Authenticate header field containing at least one challenge.
  3. Zuora sends to the callout receiver a second request that has an Authorization header field containing valid credentials.
  4. The callout receiver responds to Zuora with a 200 response upon validation of credentials.

Basic Authentication Message Sequence.png