For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Open sourceSupportFAQsDocs Home
DocumentationAPI referenceRelease notes
DocumentationAPI referenceRelease notes
  • Platform On-Prem
    • Overview
    • Navigate
    • Search resources
  • Apps
      • Overview
      • Navigate
      • Configuration
      • Gateway configuration
      • Status
      • Applications
      • Adapters
        • Overview
        • Manage integrations
          • Auth security schemes
          • Authentication tokens
          • OAuth2
          • mTLS security
          • OpenID Connect Discovery
          • OpenAPI extensions
        • Integration models
      • Repositories
    • FlowAI
    • Itential Automation Gateway
  • Resources
    • Itential Academy
    • Version lifecycle
    • Itential MCP
    • Accessibility conformance
    • Get support
    • FAQs
LogoLogo
Open sourceSupportFAQsDocs Home
On this page
  • Supported security schemes
  • Considerations
  • Example security schemes
  • API Key
  • AWS
  • AWS Lambda
  • HTTP (Basic and Bearer)
  • OAuth2
AppsAdmin EssentialsIntegrations and modelsAuthentication

Understand auth security schemes

Was this page helpful?
Previous

Configure integration authentication tokens

Next
Built with

After you create an integration, a security scheme authentication object is added to the service configuration properties.

Supported security schemes

The following security schemes are supported:

  • apiKey (including AWS)
  • https
  • oauth2
  • mutualTLS
  • OpenIDConnectScheme

Considerations

  • Tokens must be self-managed.
  • For Amazon Web Services (AWS), ensure the securityScheme entry is an apiKey and has the following extension: "x-amazon-apigateway-authtype": "awsSigv4".
  • When you import an integration model, you can only a single security scheme is supported.
  • The first scheme in the securityScheme map is automatically selected.
1"securitySchemes": {
2  "Authorization": {
3    "type": "apiKey",
4    "description": "Amazon S3 signature",
5    "name": "Authorization",
6    "in": "header",
7    "x-amazon-apigateway-authtype": "awsSigv4"
8  }
9}

Example security schemes

Listed below are examples of each security scheme that can be used with Integration Models. The property names API-Token and Authorization in the API Key and AWS examples come from the name of the securityScheme property in the OpenAPI document.

API Key

1"authentication": {
2  "API-Token": {
3    "value": "<INSERT API-Token HERE>"
4  }
5}

AWS

1"authentication": {
2  "Authorization": {
3    "accessKeyId": "<INSERT accessKeyId HERE>",
4    "secretAccessKey": "<INSERT secretAccessKey HERE>"
5  }
6}

AWS Lambda

Certain AWS endpoints (i.e., AWS Sig4) may need a configured sessionToken. Itential Platform includes support for AWS Lambda, a custom extension to OpenAPI that requires a key/secret and a session token.

1"authentication": {
2  "Authorization": {
3    "accessKeyId": "awsKeys.accessKeyId",
4    "secretAccessKey": "awsKeys.secretAccessKey",
5    "sessionToken": "awsKeys.sessionToken"
6  }
7}

HTTP (Basic and Bearer)

Basic:

1"authentication": {
2  "httpBasic": {
3    "username": "<INSERT username HERE>",
4    "password": "<INSERT password HERE>"
5  }
6}

Bearer:

1"authentication": {
2  "bearerAuth": "<INSERT bearerAuth HERE>"
3}

OAuth2

1"authentication": {
2  "oauth2": {
3    "token": {
4      "access_token": "<INSERT access_token HERE>",
5      "token_type": "Bearer"
6    }
7  }
8}