ConfigureAuthenticationAuthentication methods

Static token authentication

Static token authentication — also known as API key authentication or personal access token (PAT) authentication — uses a fixed token that is sent with each request rather than exchanging credentials for a session token. It is less common than basic authentication or two-step token, but it is fully supported by the adapter.

Characteristics of static token authentication:

  • A static token (personal access token, API key, or similar) is used for every request.
  • The token does not expire, or it expires infrequently (for example, every three months). When the token changes, update it in theItential Platform service instance configuration for the adapter inItential Platform Admin Essentials.
  • The token can be placed in different parts of the request, either alone or as part of a formatted string.

Configure static token authentication

Static token authentication is configured entirely in the authentication section of theItential Platform service instance configuration for the adapter, accessible throughItential Platform Admin Essentials. For a full description of all authentication properties, see Service instance configuration.

Set the following properties:

  • Set auth_method to "static_token".
  • Set token to the static token value.
  • Set auth_field to the location in the request where the token should be placed. Headers are the most common placement, referenced as header.headers.<field-name>. For the standard Authorization header, use header.headers.Authorization.
  • Set auth_field_format to the format of the token string. The adapter library substitutes the following variable at runtime:
    • {token}

Example

1"authentication": {
2  "auth_method": "static_token",
3  "token": "adsfhjdhsaflhljafhasdjlfh",
4  "auth_field": "header.headers.Authorization",
5  "auth_field_format": "Token {token}"
6}

Variations

Some systems use variations of static token authentication. The following table describes common options and how to configure them.

VariationConfiguration
Token in a different header fieldSet auth_field to "header.headers.MyAuthField".
Token in the URL path (before the ?)Set auth_field to "urlpath".
Token in the URL query (after the ?)Set auth_field to "url".
Token in the request bodySet auth_field to "body.field".
Send token without a prefixSet auth_field_format to "{token}".
Send base64-encoded tokenSet auth_field_format to "My encoded token {b64}{token}{/b64}".

Example: token in a custom header, base64-encoded

1"authentication": {
2  "auth_method": "static_token",
3  "token": "adsfhjdhsaflhljafhasdjlfh",
4  "auth_field": "header.headers.MyAuthField",
5  "auth_field_format": "My encoded token {b64}{token}{/b64}"
6}