<< Click to Display Table of Contents >> Authentication methods and REST connectors |
Overview
There are two types of connectors (Easy REST and Custom) as described at Creating connectors.
Note that the preferred choice when creating connectors is Easy REST, and therefore it is important that you consider the authentication methods supported by this type of connectors.
Supported authentication methods
Easy REST connectors use predefined authentication standards for the login of your connector in the external system you want to connect with.
Methods from these standards can be selected when creating the connector from the Connector Editor.
On the other hand and for Custom connectors, the authentication mechanism needs to be coded by the author creating that connector (and can use any type of authentication beyond those supported by the Easy REST one).
The authentication methods supported by Easy REST Connectors are:
•Basic
The typical HTTP basic authentication using a username and password (https://tools.ietf.org/html/rfc2617).
•Digest
Can be seen as similar to basic authentication but while adding some encryption features for the password (https://tools.ietf.org/html/rfc2617).
•OAuth 2.0
OAuth is a relatively new protocol with all of its potential oriented to cloud services (https://tools.ietf.org/html/rfc6749) which considers authorization aspects.
Because OAuth has evolved quickly and its 2.0 version has a significant flexibility, note that there are more than 2 known sub-types (i.e grant types) which imply variants in the authentication flow spec. Bizagi Easy REST connectors supports these grant types:
oClient credentials grant.
oResource owner password.
Additional ones need to be approached via a Custom connector.
Consider that regardless of the authentication method, Bizagi connectors support responses from external systems in a JSON format (XML-based responses are not supported). |
When to create a Custom connector?
Refer to the following table to help you plan if you need to create an Easy REST connector, or if some of your requirements already demand a Custom connector.
Question |
Easy REST |
Custom |
---|---|---|
Will my connector consume services other than those based on a RESTful architecture? |
✖ |
✔ |
Will my connector use OAuth 2.0 with other sub-types than 'Client Credentials Grant' or 'Resource Owner Password'? |
✖ |
✔ |
Will my connector require the use of external libraries? |
✖ |
✔ |
Will my connector require different actions than POST/GET/PUT/DELETE ? |
✖ |
✔ |
Do I need to execute logic operations within the connector? |
✖ |
✔ |
Authentication methods configuration
Within your Easy REST connector, each action can be configured with a different authentication method. To do these configurations, consider following:
1.When you create a new action in your connector, go to the Authorization tab and select any of the available authentication methods.
Every time that you create a new action, you can select the authentication method that suits the action.
Note that you may select any authentication method for each action (or none at all). If you download a connector from the Connector Xchange, the actions will not have an authentication method configured, hence, you will need to configure each action's authentication method before using the connector. For more information about these options, refer to Connector Editor user interface explained. |
2.When installing and configuring your connector in Bizagi Studio, make sure you select from the drop down list that corresponding authentication method.
When using more than one authentication method within your actions, you will need create a new configuration instance for that connector per each of the authentication method you want to use. For more information about these options, refer to Installing and configuring connectors. |
3.Finally, provide the values for the parameters that are prompted for that given type of authentication.
The exact parameters will depend on each authentication method.
Refer to the following images to view the common parameters used by each authentication method.
Basic Authentication
Basic authentication typically use username and password:
Digest Authentication
Digest authentication typically use username and password:
OAuth2 Authentication
OAuth2 authentication use different parameters according to its sub-type of authentication.
i.Client credentials grant:
ii.Resource owner credentials grant:
Multi-environment credentials
Note that you may provide different values for authentication parameters in each of the different environments (development, test and production), by switching between tabs.
It is not necessary to input details for test and production environments right away because you can edit or fill out blanks at any moment (if you do not have the intention to deploy your process at this point).