Articles on: App Integrator

Authorization types and methods

Authorization is an entity where the requested data type of the end-user is fully set, as well as the method of obtaining an Access token to the application through the API.

Applications can have an unlimited number of Authorization. In each request widget, a specific Authorization is selected, and such a request will be made with the same Authorization access token.

The last step of Authorization includes the API request “template” settings with Authorization data. It helps to avoid settings in each request widget. For example, if the Access token is always passed in a specific header, then at step 4 you will need to create such header and put the Access token in the value.

Authorization is divided into:

Type: Set the type of data transferring to the system

Method: Select the method and model of app Authorization


Authorization types





There are three Authorization types:

Custom: Authorization does not have a pre-set field, thus all the necessary fields are created. Fields requested by the end-user will be filled and transferred to the system. It is possible to make an additional API request for an Access token to exchange some data, with updating via Refresh token if necessary.

With login and password: Login and Password will be transferred to the system. It can be sent both in original and encoded in base64 format (Basic auth).

With token: An Access token will be transferred to the system. It is possible to make an additional API request for the Access token to exchange some data, with updating via Refresh token if necessary.


Authorization methods





The available Authorization methods depend on the selected type. The following Authorization methods are available:

Manually: Creating a connection, fields are displayed depending on the type. The end-user’s data is saved as part of the connection, no additional API requests are created.

With API key: Creating a connection, an API key is requested from the end-user. Then the API method is set by the request widget, for exchanging the API key for Access token with the ability to update through the Refresh token.

With login and password: Creating a connection, login and password are requested from the end-user. The login and password are exchanged through API requests for Access token, with the possibility of updating through Refresh token.

oAuth: Authorization using the oAuth protocol. The end-user provides access to the service through Authorization in the service in opened window and access permissions.


Type and method possible combinations



You select the type and the method at each Authorization. There are several possible combinations.

With Custom type, the following methods are available:

Manually

With API - key

With login and password


With Login and password type, only Manual method is available.

With Token type, the following methods are available:

Manually

With API key

With login and password

oAuth

Updated on: 08/12/2022

Was this article helpful?

Share your feedback

Cancel

Thank you!