Welcome to the SRP Forum! Please refer to the SRP Forum FAQ post if you have any questions regarding how the forum works.

SRP_ENCODE vs Postman

I have an issue where I am trying to Base64 encode a Key to send through via a HTTP header.

If I use SRP_ENCODE (or OIs Base64Encode) I get a value. This does NOT work to authorise the Endpoint.
I tried Base64, BASE64URL and both with the '0' option for CRLF$. All four tests give me the same string.

If I use the SAME key in Postman (as the username in BASIC authentication) it DOES work. However the encoded value is not exactly the same. The final, 120th, character is different.

Decoding THAT values shows my original key with a only a ':' appended.
If I use THAT key in my OI routine the external API call authorises as expected.

As I noted, SRPEncode, Base64Encode and external Dev Tools validate to the same encoded string. However, Postman seemingly does something different and unfotunately it is the one that works.

Can anyone shed light on what that might be?

Comments

  • Actually I clearly wasn't thinking straight.

    Even though Password is blank I still need to encode
    Username : ":" : Password
    ...Like I have done every other time (with a password)!!! duh!

    Just ignore me.
  • LMAO

    Opto_Will "Surely you can't be serious!"
    @DonBakke "I am serious — and don't call me Shirley"

    Comedy Genius!
Sign In or Register to comment.