Step 3: Handling trusted requests from Dataporten API GatekeeperΒΆ

We introduce something like this into our API implementation:

<?php
if ($_SERVER["PHP_AUTH_USER"] !== 'feideconnect' || 
        $_SERVER["PHP_AUTH_PW"] !== 'xxxxxx-xxxxxx-xxxxxx-xxxxxx-xxxxxx') {
    throw new Exception("Invalid trust to Dataporten");
}
$useridsec = explode(",", $_SERVER("HTTP-X-FeideConnect-userid-sec");
$userid = $useridsec[0]; // UserID is now feide:andreas@uninett.no
?>

This code example is written in PHP and is just for proof of concept.