To invoke a secure backend using a basic authentication, we need to send a header called Authorization in the request, containing the username and password joined with : and encoded in Base64:
<!-- Define the username --> <property name="username" value="USERNAME_OF_BACKEND" scope="default" type="STRING" xmlns="http://ws.apache.org/ns/synapse"/> <!-- Define the password --> <property name="password" value="PASSWORD_OF_BACKEND" scope="default" type="STRING" xmlns="http://ws.apache.org/ns/synapse"/> <!-- Configure the header with the above parameters --> <property expression="fn:concat('Basic ', base64Encode(fn:concat($ctx:username,':',$ctx:password)))" name="Authorization" scope="transport" type="STRING" xmlns="http://ws.apache.org/ns/synapse"/> ...