Static Token
  • 09 Nov 2022
  • Dark
  • PDF

Static Token

  • Dark
  • PDF

Article Summary

Static Token can also be refered to as API-key authentication or using a Personal Access Token (PAT). It is not as common of an authentication method as Basic Authentication or dynamic Two Step Token but can be used, and there is a way for the adapter to support it. Attributes of standard static token are:

  • A personal access token, api key, or some other static information is provided to log in.
  • The token does not expire, or it expires in long periods (e.g. every 3 months).
    • If the static token is changed, then it needs to be modified in the IAP service instance configuration for the adapter within IAP Admin Essentials.
  • The token can be placed into some part of the request.
  • The token can be provided alone or as part of a string.

How to set up Static Token in Adapters

Static token is handled entirely within the IAP Service Instance Configuration for the adapter. You can find this within IAP Admin Essentials and the properties we are referencing are in the authentication section. The authentication section includes other properties that are described in detail in the IAP Service Instance Configuration articles.

  • The "auth_method" should be set to ”static_token”.
  • The actual token should be provided in the token properties.
  • The "auth_field" should be set to where the authentication information should be in the request.
    • Headers are the most common placement and are referenced with header.headers. Therefore, the Authorization header should be header.headers.Authorization
  • The "auth_field_format" is the format of the data that will be sent in the request. The adapter library will replace the variables it knows about:
    • {token}

Static Token Properties Example

"authentication": {
  "auth_method": "static_token",
  "token": "adsfhjdhsaflhljafhasdjlfh",
  "auth_field": "header.headers.Authorization",
  "auth_field_format": "Token {token}" 

Other Options for Static Token

Some systems utilize variations of static token. The IAP Service Instance Configuration for the adapter is flexible enough to handle many variations including:

Option Description
Token in a different header field Change the value of "auth_field" to "header.headers.MyAuthField".
Token in a different location To locate in the url path (before query parameters), set "auth_field" to "urlpath".

To locate in the url query (after the ?), set "auth_field" to "url".

To locate in the body, set "auth_field" to "body.field”.
Different format of auth data Want to just send the token, use ”{token}”.
Can also set the "auth_field_format" to “My encoded token {b64}{token}{/b64}”.

Other Options Examples

Sample Properties

"authentication": {
  "auth_method": "static_token",
  "token": "adsfhjdhsaflhljafhasdjlfh",
  "auth_field": "header.headers.MyAuthField",
  "auth_field_format": "My encoded token {b64}{token}{/b64}" 

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.