Overview of authentication types
The different authentication types cater to various security requirements and use cases, enabling you to choose the most appropriate option. Here's a detailed explanation of each authentication type:
| Authentication type | Options | Details |
|---|---|---|
| API Key | This method uses a unique identifier (API key), for client authentication. The API key is sent in a specified location (header, query, or cookie) within the request to authenticate. | |
Server URL |
This refers to the base URL of the server that hosts the protected resources. This URL is used to send the API key requests. | |
API Key Location |
The API key can be sent in different locations within the request, such as the header, query, or cookie. Choose the API key location (header, query, or cookie). | |
| Basic Auth | This method uses a username and password combination to authenticate. | |
Server URL |
This refers to the base URL of the server that hosts the protected resources. This URL is used to send the Basic Auth requests. | |
| Bearer Token | This method uses a bearer token for authentication. | |
Server URL |
This refers to the base URL of the server that hosts the protected resources. This URL is used to send the bearer token requests. | |
| Key Value Pair | This method involves sending a set of key-value pairs in the request, where each key-value pair consists of a key and a corresponding value. | |
Server URL |
This refers to the base URL of the server that hosts the protected resources. | |
Key-Value |
Each key-value pair consists of a key and a corresponding value. The key identifies the type of information being sent, while the value contains the actual data. For example, a key could be "client_id" and its corresponding value could be the unique identifier for the client application. Additional key-value pairs can be added. | |
| OAuth2 Authorization Code | This method is designed for applications that need to access resources on behalf of an end-user. | |
Server URL |
This refers to the base URL of the server that hosts the protected resources. | |
Token URL |
Specify the token URL value relative to the server URL. The Token URL is typically provided by the authorization server during the registration of the application. | |
Scope |
Scope is a way to limit the access. It defines the specific permissions or resources ro which access is allowed. | |
Authorization URL |
This is the endpoint on the authorization server where the client redirects the end-user for authentication and authorization. The user will grant or deny the client's request for access to their resources. | |
Client ID |
A unique identifier for the client application. Get the client ID from your account user interface. | |
Client Secret |
A secret key known only to the client and the authorization server. | |
| OAuth2 Client Credential | This method is designed for server-to-server authentication. | |
Server URL |
This refers to the base URL of the server that hosts the protected resources. | |
Send Credentials Via |
Specify how the credentials are sent (header or body). | |
Token URL |
Specify the token URL value relative to the server URL. The Token URL is typically provided by the authorization server during the registration of the application. | |
Client ID |
A unique identifier for the client application. Get the client ID from your account user interface. | |
Client Secret |
A secret key known only to the client and the authorization server. | |
Grant Type |
The grant type is always "client_credentials". This indicates to the authorization server that the client is requesting an access token using the Client Credential flow. | |
Scope |
Scope is a way to limit the access. It defines the specific permissions or resources ro which access is allowed. |