REST Connector reference
See examples of how the REST connector formats requests.
Content:
- Types of Authentications:
- None
- Basic Auth
- Bearer Token
- OAuth2.0 - Client Credential Grant Type
- Password Grant Type - ROPC (Resource Owner Password Credential)
Types of Authentications:
None:
No added authentication to the HTTP request.
This should be selected if you require specific HTTP authentication request structure that deviates from the available options below.
Basic Auth:
The username and password get sent as a header encoded in Base64 in the format "username:password".
For example, username testUsername and password testPassword get sent as testUsername:testPassword encoded in Base64 sent as header "authorization: Basic dGVzdFVzZXJuYW1lOnRlc3RQYXNzd29yZA==".
Headers: {
'content-type': 'application/json',
"authorization: Basic dGVzdFVzZXJuYW1lOnRlc3RQYXNzd29yZA=="
}
The content-type will be what is specified on the Input or Output page.
Bearer Token:
The token is sent as header "authorization: Bearer specifiedToken".
Headers: {
'content-type': 'application/json',
"authorization: Bearer specifiedToken"
}
The content-type will be what is specified on the Input or Output page.
OAuth 2.0:
The configuration above will send an HTTP request with content-type form-urlencoded as follows:
Headers: {
'content-type': 'application/x-www-form-urlencoded'',
"authorization: Basic dGVzdENsaWVudElkOnRlc3RDbGllbnRTZWNyZXQ="
}
Body: {
scope: 'read:testOptional write:testOptional',
audience: 'https://optional.audience.test',
resource: 'https://optional.resource.test/v1',
grant_type: 'client_credentials'
}
The authorization header follows the Basic Authorization function described above where the format is clientID:clientSecret encoded in Base64.
If Client Authentication is sent in the request body the HTTP request will be as follows:
Headers: {
'content-type': 'application/x-www-form-urlencoded''
}
Body: {
scope: 'read:testOptional write:testOptional',
audience: 'https://optional.audience.test',
resource: 'https://optional.resource.test/v1',
grant_type: 'client_credentials',
client_id: 'testClientId',
client_secret: 'testClientSecret'
}
In either scenario, the authentication endpoint should return a payload as follows:
{
"access_token": "qweasdzxcwersdfxcv.",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "read:testOptional write:testOptional",
"audience": "https://optional.audience.test",
"resource": "https://optional.resource.test/v1"
}
When a request is made to the endpoint with an Input or Output Component, a request to the authentication endpoint is made to retrieve the Bearer token. The returned token is then added to the header of the Input or Output request automatically.
Password Grant Type - ROPC (Resource Owner Password Credential)
The configuration above will send an HTTP request with content-type form-urlencoded as follows:
Headers: {
'content-type': 'application/x-www-form-urlencoded''
}
Body: {
grant_type=password&username=testUsername&password=testPassword
}
The authentication endpoint should return a payload as follows:
{
"access_token": "qweasdzxcwersdfxcv.",
"token_type": "Bearer",
"expires_in": 3600
}
When a request is made to the endpoint with an Input or Output Component, a request to the authentication endpoint is made to retrieve the Bearer token. The returned token is then added to the header of the Input or Output request automatically.