Authentication methods and REST connectors

<< Click to Display Table of Contents >>

Navigation:  Bizagi Studio > Process wizard > Integrate > Application integration > Integrating APIs and extending Bizagi > Bizagi connectors > Creating connectors > Connectors concepts and guidelines >

Authentication methods and REST connectors

Overview

There are two types of connectors (Assisted REST and Custom) as described at Creating connectors.

Note that the preferred choice when creating connectors is Assisted REST, and therefore it is important that you consider the authentication methods supported by this type of connectors.

 

Supported authentication methods

Assisted REST connectors use predefined authentication standards for the login of your connector in the external system you want to connect with.

Methods from these standards can be selected when creating the connector from the Connector Editor.

On the other hand and for Custom connectors, the authentication mechanism needs to be coded by the author creating that connector (and can use any type of authentication beyond those supported by the Assisted REST one).

 

The authentication methods supported by Assisted REST Connectors are:

 

Basic

The typical HTTP basic authentication using a username and password (https://tools.ietf.org/html/rfc2617).

 

Digest

Can be seen as similar to basic authentication but while adding some encryption features for the password (https://tools.ietf.org/html/rfc2617).

 

OAuth 2.0

OAuth is a relatively new protocol with all of its potential oriented to cloud services (https://tools.ietf.org/html/rfc6749) which considers authorization aspects.

Because OAuth has evolved quickly and its 2.0 version has a significant flexibility, note that there are more than 2 known sub-types (i.e grant types) which imply variants in the authentication flow spec. Bizagi Assisted REST connectors supports these grant types:

oClient credentials grant.

oResource owner password.

Additional ones need to be approached via a Custom connector.

 

note_pin

Consider that regardless of the authentication method, Bizagi connectors support responses from external systems in a JSON format (XML-based responses are not supported).

 

When to create an Custom connector?

Refer to the following table to help you plan if you need to create an Assisted REST connector, or if some of your requirements already demand a Custom connector.

 

Question

Assisted REST

Custom

Will my connector consume services other than those based on a RESTful architecture?

Will my connector use OAuth 2.0 with other sub-types than 'Client Credentials Grant' or 'Resource Owner Password'?

Will my connector require the use of external libraries?

Will my connector require different actions than POST/GET/PUT/DELETE ?

Do I need to specify operations within the connector?

 

 

Configuration for the authentication method

To configure the authentication method as supported and used by your Assisted REST connector, consider following:

 

1.Upon creating a new connector in the Connector Editor, select the authentication method by clicking on it.

 

auth_1

 

note_pin

Note that you may select more than one authentication method (or none at all).

If you downloaded it from the Connector Xchange, check the authentication information provided in its description.

For more information about these options, refer to Connector Editor user interface explained.

 

2.When installing and configuring your connector in Bizagi Studio, ensure you select from the drop down list that corresponding authentication method.

 

auth_2

 

 

note_pin

When using more than one authentication method, you will need create a new configuration instance for that connector per each of the authentication method you want to use.

For more information about these options, refer to Installing and configuring connectors.

 

3.Finally, provide the values for the parameters that are prompted for that given type of authentication.

The exact parameters will depend on each authentication method.

 

Refer to the following images to view the common parameters used by each authentication method.

 

Basic Authentication

Basic authentication typically use username and password:

 

auth_3

 

Digest Authentication

Digest authentication typically use username and password:

 

auth_5

 

OAuth2 Authentication

OAuth2 authentication use different parameters according to its sub-type of authentication.

 

auth_4

 

i.Client credentials grant:

auth_4a

 

ii.Resource owner credentials grant:

 

auth_4b

 

Multi-environment credentials

Note that you may provide different values for authentication parameters in each of the different environments (development, test and production), by switching between tabs.

It is not necessary to input details for test and production environments right away because you can edit or fill out blanks at any moment (if you do not have the intention to deploy your process at this point).

 

auth_6