REST Authentication

The HTTP Requestor supports the following authentication mechanisms:

  • Basic Authentication - simplest form of authentication (though unfortunately also the least secure). It uses a username and password and is built into the HTTP protocol.

  • API Key Authentication - uses a generated key. The key is long lived and is currently only supported in the Low-code Tools when passed via header. Currently passing the API key in the payload or via query parameter is not supported.

  • Token Based Authentication - also referred to as bearer authentication. There are many different implementations and the Low-code Tools currently supports a limited subset of the various authentication workflows.

  • Oauth2 Authentication - open authentication standard, defined in RFC 6749. Low-code Tools supports Client Credentials (recommended) and Resource Owner Password Credentials Grant (not recommended).

The Low-code Tools allow for custom authenticators to be defined using python. This is an advanced feature that can be leveraged to support authentication methods that are not currently available out of the box. See Custom Authenticators.

Note

For all authentication types except Basic, the REST Universal Credential is required.

Supported Credential Types

Below are the supported credential types of the Low-code Tools.

  • Limited Credential Types (Basic Authentication Only)

    • Basic/Snippet

    • SOAP/XML Host

  • Fully Supported Credential Type

    • Low-code tools: rest v103

To create a new Low-code tools: rest you must click Manage ‣ Credentials.

Note

The Low-code tools: rest credential type cannot be accessed clicking System ‣ Manage ‣ Credentials. Editing an existing credential of this type from the page below will result in an error. Updates can only be accomplished by clicking Manage ‣ Credentials.

New Credential Editor

../../_images/low_code_tools_rest.png

Old Credential Editor

../../_images/old_cred_view.png

Authenticators

Proxy Support

By default, proxies use the HTTPS protocol. To adjust this behavior in the Low-code tools: rest v102 credential, you can configure the Proxy Scheme.

../../_images/rest_proxy_scheme.png

To enable HTTP proxies while using the SOAP/XML Host credential type, you must set the PROXYTYPE CURL option to http.

New Credential Editor

../../_images/soap_ucf_proxytype.png

Old Credential Editor

../../_images/soap_proxytype.png