Authentication properties
All authentication properties are defined within the authentication object in theItential Platform service instance configuration for the adapter. If you are using request_token authentication, there is also a getToken action defined in the .system entity at adapter-home-dir/entities/.system/action.json.
Properties
| Property | Type | Required | Description |
|---|---|---|---|
auth_method | enum | Yes | The authentication method to use. Supported values: basic_user_password (username and password on every request), static_token (a fixed token provided in the token property), request_token (credentials are exchanged for a token used in subsequent requests), no_authentication (no auth required, or auth is handled outside the adapter library). |
username | string | Yes (for basic_user_password and request_token) | The username for authenticating with the external system. |
password | string | Yes (for basic_user_password and request_token) | The password for authenticating with the external system. Can be encrypted using the adapter’s encryptProperty method or throughItential Platform. You must use the encryptProperty method of the adapter that will be using the property. |
token | string | Yes (for static_token only) | The static token to use for authentication. |
token_user_field | string | No | Overrides the field name used to send the username credential when requesting a token, if different from the adapter endpoint configuration. |
token_password_field | string | No | Overrides the field name used to send the password credential when requesting a token, if different from the adapter endpoint configuration. |
token_result_field | string | No | Overrides the field name from which to extract the token in the authentication response, if different from the adapter endpoint configuration. |
token_URI_path | string | No | Overrides the URI path used to retrieve a token, if different from the adapter endpoint configuration. |
token_timeout | integer | No → -1 | How long (in milliseconds) a dynamic token is valid before the adapter requests a new one. -1 means always fetch a new token. 0 means use the expiration time returned with the token (must be present in the token schema response in an accepted format). |
token_cache | enum | No → local | Where the adapter stores tokens. local: in-memory, lost on adapter restart. redis: preserved across restarts; not typically used due toItential Platform changes. |
invalid_token_error | integer | No → 401 | The HTTP error code that indicates an invalid or expired token. When this error is received, the adapter automatically requests a new token and resubmits the original call. |
auth_field | string | Yes (except no_authentication) | The request field where authentication credentials (token or basic auth) should be placed for all calls after initial authentication. This is not the field used in the token request itself. |
auth_field_format | string | Yes (except no_authentication) | The format of the authentication field value. Supports a combination of static text and dynamic tokens. Example: {b64}Basic {username}:{password}{/b64} base64-encodes a Basic Auth string. Bearer {token} or Token {token} are also common patterns. |
auth_logging | boolean | No → false | Enables logging that includes authentication details. Only enable this when actively debugging authentication issues, as it logs sensitive information such as credentials. |
auth_request_datatype | string | No | Overrides the request data type for token authentication requests, taking precedence over the schema’s requestDatatype. |
auth_response_datatype | string | No | Overrides the response data type for token authentication requests, taking precedence over the schema’s responseDatatype. |
token_response_placement | string | No | Overrides where to extract the token from the authentication response (HEADER or BODY), taking precedence over the schema’s token placement setting. |
client_id | string | No → "" | Client ID required by some OAuth flows. |
client_secret | string | No → "" | Client secret required by some OAuth flows. |
grant_type | string | No → "" | Grant type required by some OAuth flows. Commonly supported values include password and client_credentials. |
Example
This example uses a two-step authentication flow. The adapter authenticates with a username and password, receives a token valid for 10 minutes, and places that token in a custom header field on all subsequent requests.
1 "authentication": { 2 "auth_method": "request_token", 3 "username": "IP", 4 "password": "isTheBest!", 5 "token": "", 6 "token_user_field": "", 7 "token_password_field": "", 8 "token_result_field": "", 9 "token_URI_path": "", 10 "token_timeout": 600000, 11 "token_cache": "local", 12 "invalid_token_error": 401, 13 "auth_field": "header.headers.My-Special-Token", 14 "auth_field_format": "My Token is {token}", 15 "auth_logging": false, 16 "auth_request_datatype": "", 17 "auth_response_datatype": "", 18 "token_response_placement": "", 19 "client_id": "", 20 "client_secret": "", 21 "grant_type": "" 22 }
For additional authentication examples, see Authentication.
