Defining security schemes

A security scheme specifies all the settings for a particular aspect of API security; for example, the user registry that you use to authenticate access to the API.

Note: This task relates to configuring an OpenAPI 2.0 API definition. For details on how to configure an OpenAPI 3.0 API definition, see Editing an OpenAPI 3.0 API definition.

You can complete this task either by using the API Designer UI application, or by using the browser based API Manager UI.

You can create security definitions of the following types:
Type Description
Basic authentication Use a basic authentication security definition to specify a user registry or an authentication URL to be used to authenticate access to the API.
API key Use an API key security definition to specify what application credentials are required to call an API.
OAuth2 Use an OAuth2 security definition to specify settings for OAuth token based authentication for your API.