I am trying to create a POST API Method in API Connect by invoking an OpenWhisk Action. I am using the GET Method in James Thomas' article Serverless APIs with OpenWhisk and API Connect, as a template for connection and configuration settings to integrate OpenWhisk actions into the API. The OpenWhisk Action I am using is successfully posting input data to a Compose PostgreSQL Database, so all I need to do is properly invoke it and send the input data in the correct format to the OpenWhisk function via API Connect. My current request and response output on the IBM API Developer Console is:
Request
POST https://api.us.apiconnect.ibmcloud.com/spatvis-tutorial/sb/post-trial/student Headers:
Content-Type: application/json
Accept: application/json
X-IBM-Client-Id: ********************************
X-IBM-Client-Secret: *******************************
Response
Code: 401 Unauthorized Headers:
x-global-transaction-id: 114129529
content-type: application/json
{}
The OpenWhisk function is not being invoked and I can't figure out why I am getting the security error. What kind of credentials do I need and how do I set that up? Does it make sense to use either TLS, Basic, and Custom HTTP Security techniques outlined in the article Three approaches to securing access to Bluemix applications with IBM API Connect? If so, what are the pros and cons of each technique/method and which one makes most sense to use to secure access to OpenWhisk Actions?