Authorization templates allow you to define a common authorization method for many RESTful API datasources.
The saved template can be used many times to configure subsequent datasources that communicate with the same API system.
Creating an authorization template:
To create an authorization template, select the "Create authorization template" button on the datasource form:
Then a window will appear with the configuration of the authorization template:
Description of the authorization template configuration:
| Name of the parameter | Description | Optionality |
|---|---|---|
| Template | It allows you to complete the configuration fields with one of the previously saved templates to speed up the configuration of many similar templates. | Not applicable |
| Id | Unique authorization template id. | Required |
| Name | Authorization template display name. | Required |
| Description | Displayed description of the authorization template. | Required |
| Authorization type | It allows you to choose one of the available authorization types supported by the plugin. After selecting the authorization type, additional configuration fields specific to it will appear on the form. The list of available authorization types is given below. | Required |
Available authorization types:
Staritng from version 1.0.10, it is now possible to parameterize each authorization configuration using datasource input parameters. Use {param}, where param equals input parameter id to dynamically pass config param value.
API Key
The API Key authorization template allows you to add a permanent API key to each request. The key can be added to the URL in the format - ?key=value - or to the header in the format { headers: { key: value } }
Configuration description:
| Name of the parameter | Description | Optionality |
|---|---|---|
| Key | URL parameter key or header name (depending on the "Add to" parameter) | Required |
| Value | URL parameter value or header value (depending on the "Add to" parameter) | Required |
| Add to | Specifies whether to add the key to the request as a URL parameter or as a header. | Required |
Configuration examples:
| Configuration | Result |
|---|---|
 | It will add the request parameter provided in the source configuration to the URL ?token=ASDF Eg. http://localhost:8080 => http://localhost:8080?token=ASDF |
 | It will add following header to the request "API-KEY: someConstantToken" |
Basic Auth
The Basic Auth authorization template allows you to add a Basic Auth header to each request in the form: Authorization: Basic {credentials}, where {credentials} is the Base64 value calculated from: {Użytkownik}:{Hasło}.
Configuration description:
| Name of the parameter | Description | Optionality |
|---|---|---|
| User | Name of the user registered in the API | Required |
| Password | User password | Required |
Bearer Token
The Bearer Token authorization template allows you to add a Basic Auth header to each request in the form: Authorization: Bearer {token}
Configuration description:
| Name | Description | Requirement |
|---|---|---|
| Token source | Dropdown list. Available options: "Datasource","Constant value". | Required |
| Token | Token value to add in authorization header. | Required (only for "Token source" == "Constant value") |
| Datasource ID | Datasource which returns token value (first returned value is being used). | Required (only for "Token source" == "Datasource") |
| Datasource parameters | Datasource input parameters. Format: "parameter_1=value_1, parameter_2=value_2". | Optional |
Cookie
The Cookie authorization template allows you to add to each request the cookie required to authorize the request.
Configuration description:
| Name of the parameter | Description | Optionality |
|---|---|---|
| HTTP method | The HTTP method to be used in the request; possible values: [GET, POST] | Required |
| URL | The URL to which the request will be sent to receive cookies from the API | Required |
| Content-Type | Available only after selecting the POST method. Available values: application/json, application/x-www-form-urlencoded, multipart/form-data | Required |
| Parameters | Available only after selecting the POST method. Parameters passed in the body of the request. | Optional |
Configuration examples:
| Configuration | Result |
|---|---|
 | It will attach the authorization cookie from the PlusWorkflow system to requests from the datasource |
 | It will attach the authorization cookie from the PlusWorkflow system to requests from the datasource |
OAuth2
The OAuth2 authorization template allows you to add an OAuth token to each request as the appropriate header or URL parameter.
Configuration description:
| Name of the parameter | Description | Optionality |
|---|---|---|
| Grant type | Specifies whether the authorization request should contain only client secrets or client secrets + user credentials. Available values:
| Required |
| Access Token URL | URL to which the request will be sent | Required |
| Username | Username. Available only when the "Grant type" parameter is set to "Password credentials" | Required |
| Password | User password. Available only when the "Grant type" parameter is set to "Password credentials" | Required |
| Client ID | https://www.oauth.com/oauth2-servers/client-registration/client-id-secret/ | Required |
| Client Secret | https://www.oauth.com/oauth2-servers/client-registration/client-id-secret/ | Required |
| Scope | An optional parameter that specifies which resources to grant access to. The value of the parameter depends on the specific API solution to which the data source will be connected | Optional |
| Resource | An optional parameter that specifies which resources to grant access to. The value of the parameter depends on the specific API solution to which the data source will be connected | Optional |
| Client authorization | Specifies how authorization data (customer secrets) are to be transmitted. Available values:
| Required |
| Add authorization data to | Specifies how the authorization token (received in response to the authorization request) is to be forwarded on subsequent API calls. Available values:
| Required |
Configuration example:
NTLM
The NTLM (https://en.wikipedia.org/wiki/NTLM) authorization template.
Configuration
| Parameter name | Description | Required |
|---|---|---|
| Username | The name of the user trying to access a protected resource. This can be, for example, a Windows account login. | Yes |
| Password | The user's password associated with their account. The password is used to verify the user's identity. In NTLM, the password is not sent directly over the network but is used to generate a hash, which is then used in the authentication process. | Yes |
| Domain | The name of the domain in which the user account is registered. This can be an Active Directory domain or the local computer name if the user is logging into a local account. | No |
| Workstation | The name of the user's computer from which the authentication request originates. | No |
Modification of authorization templates
Authorization templates allow you to modify previously saved templates. To do this, select the "Modify authorization" button on the form.
After clicking, the authorization template modification window will appear.
In the opened window, select the saved authorization template from the drop-down list.
After selecting the template, the form will be filled with the data saved in it.
After editing the data, select the "Modify authorization" button to save the template with changes.
The unused template can also be removed from the database using the "Delete" button.
Add Comment