How to configure an authentication method for an API
To proceed with this step, you need to have a specific design for the authentication method ready, such as rules for the API Key plan, API rulesets, token issuer, and API access policy.
The authentication method is defined in the API definition created in the first step, and the configuration depends on the chosen protocol. You can configure authentication methods in the Administration settings. The example Views below are related to API Key authentication.
Topic | Description |
API Keys | Used to authenticate a caller triggering an HTTP or API Trigger using API Key authentication. Only valid for a specific Environment. The Rulesets determine API key access rights applied to them. |
Rulesets | Used to group access rules for API keys and contain a collection of rules. An API key can have multiple Rulesets active at once. Rulesets are shared across all Environments. |
Rules | Give the API Key access to a specific URL path with a particular method, but path parameters are not supported. |
Other authentication methods
Aside from API Key authentication, other authentication methods can be used, such as basic authentication, OAuth authentication, client certificate authentication, or no authentication method at all.
After completing this step, you're now ready to test the created API.
The next article is Introduction to How to test an API and API - Key Concepts