Authentication
Select the appropriate Authentication Type from the drop-down menu:
- None
- Basic
- Bearer Token
- OAuth 2.0
- Call Authentication Endpoint
- API Key
After selecting the authentication type, follow the specific instructions based
on your selection:
- None: No authentication is required; you can call the API directly.
- Basic: Enter the Username and Password to call the API.
- Bearer Token: Enter the Bearer Token to call the API. The Link backend generates a bearer token, which is a secure string, in response to a login request. When making requests to protected resources, you can include the token in the authorization header.
- OAuth 2.0: An authorization framework that lets third-party applications access a user's resources without exposing their credentials. It provides secure access by issuing tokens.
  - Select Use Existing Access Token if a token is available:
    - Choose the Access Token Expiry Action from the following options:
      - Do not refresh
      - Refresh with client credentials
      - Refresh with password credentials
      - Use refresh token
    - Depending on the selection:
      - Do not refresh: Enter the Access Token. When the access token expires, the Link backend does not generate a new one automatically. Instead, it uses the access token provided by the user in the UI.
      - Refresh with client credentials: Enter the Access Token URL, Client ID, Client Secret, Code Challenge Method, and Access Token. The Link backend will automatically generate an access token from client credentials.
      - Refresh with password credentials: Enter the Access Token URL, Client ID, Client Secret, Code Challenge Method, Username, Password, Security Token, and Access Token. The Link backend will automatically generate an access token from password credentials.
  - Select Generate Access Token Now for a new token:
    - Choose the Grant Type:
      - Authorization Code
      - Authorization Code with PKCE
      - Client Credentials
      - Password Credentials
    - Based on the selection:
      - Authorization Code: Provide the Redirect URL, Authorization URL, Access Token URL, Client ID, Client Secret, Scope, Resource, Audience, Access Token, and Refresh Token, and select Client Authentication. When a user selects Authorization Code, an access token is generated along with a refresh token. The grant type supplied to the Link backend is then refresh token: when the access token expires, it is regenerated using the refresh token, which is stored in a database file in the Link backend.
      - Authorization Code with PKCE: Provide the same fields as for Authorization Code and select the Code Challenge Method (SHA-256 or Plain). Authorization Code with PKCE strengthens OAuth 2.0 security by using a code verifier and a code challenge. This approach helps prevent interception of the authorization code, ensuring that only the legitimate client can exchange the code for an access token.
      - Client Credentials: Enter the Access Token URL, Client ID, Client Secret, Scope, Audience, Username, Password, Access Token, and Refresh Token.
      - Password Credentials: Provide the required fields as in Client Credentials and select the Client Authentication.
- Click Next to proceed to Retry Strategy.
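
The code verifier and challenge used by Authorization Code with PKCE, worked through in Python as an added example (not code from the Link product). It assumes the SHA-256 and Plain options correspond to the RFC 7636 methods `S256` and `plain`; all function names are hypothetical.

```python
import base64
import hashlib
import hmac
import re
import secrets

# RFC 7636 section 4.1: the verifier is 43-128 characters from the unreserved set.
VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")


def new_code_verifier(n_bytes: int = 32) -> str:
    """Client side: create a high-entropy verifier (32 random bytes -> 43 characters)."""
    return base64.urlsafe_b64encode(secrets.token_bytes(n_bytes)).rstrip(b"=").decode("ascii")


def code_challenge(verifier: str, method: str = "S256") -> str:
    """Client side: derive the challenge sent with the authorization request."""
    if not VERIFIER_RE.fullmatch(verifier):
        raise ValueError("code_verifier must be 43-128 unreserved characters")
    if method == "S256":
        digest = hashlib.sha256(verifier.encode("ascii")).digest()
        return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    if method == "plain":
        return verifier  # with plain, the challenge is the verifier itself
    raise ValueError(f"unsupported code_challenge_method: {method}")


def verify_token_request(stored_challenge: str, stored_method: str, presented_verifier: str) -> bool:
    """Authorization-server side: check the verifier that arrives with the code exchange."""
    try:
        expected = code_challenge(presented_verifier, stored_method)
    except ValueError:
        return False  # malformed verifier or unknown method: reject the exchange
    return hmac.compare_digest(expected.encode("ascii"), stored_challenge.encode("ascii"))


def challenge_alone_passes(method: str) -> bool:
    """Does knowing only the challenge (not the verifier) satisfy the server check?"""
    challenge = code_challenge(new_code_verifier(), method)
    # Present the challenge itself in place of the verifier.
    return verify_token_request(challenge, method, challenge)
```

With `plain`, the challenge visible in the authorization request is enough to pass the check, while with `S256` it is not, which is why SHA-256 is the method to choose whenever the authorization server supports it.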