Creating a security definition
A security definition specifies all the settings for a particular aspect of API security; for example, the user registry that you use to authenticate access to the API.
About this task
API Connect is secured to forbid external references in XML managers. For example, if you configure a custom login form or consent form for OAuth provider, it cannot refer to an external DTD.
You can create security definitions of the following types:
| Basic authentication | Use a basic authentication security definition to specify a user registry or an authentication URL to be used to authenticate access to the API. |
| API key | Use an API key security definition to specify what application credentials are required to call an API. |
| OAuth | Use an OAuth security definition to specify settings for OAuth token based authentication for your API. |
The following subtopics describe how to create security definitions of each type: