The different types of authentication available on the Blink Platform
Basic
authentication standard.
Parameter | Description |
---|---|
API Address | The API Address that you will be able to make http requests to with this connection. Pay attention that http requests to urls that don’t match the specified host and path will be blocked in order to prevent someone from sending your credentials to unwanted hosts. |
Username | The username to authenticate with. |
Password | The password to authenticate with. |
Bearer
authentication standard.
Parameter | Description |
---|---|
API Address | The API Address that you will be able to make http requests to with this connection. Pay attention that http requests to urls that don’t match the specified host and path will be blocked in order to prevent someone from sending your credentials to unwanted hosts. |
Token | The token to use in the bearer header. |
Parameter | Description |
---|---|
API Address | The API Address that you will be able to make http requests to with this connection. Pay attention that http requests to urls that don’t match the specified host and path will be blocked in order to prevent someone from sending your credentials to unwanted hosts. |
Header 1/2/3 | The header name. |
Value 1/2/3 | The header value. |
OAuth 2.0
.
Bearer
token, in accordance with the OAuth 2.0
standard.Parameter | Description |
---|---|
API Address | The API Address that you will be able to make HTTP requests to with this connection. Pay attention that HTTP requests to URLs that don’t match the specified host and path will be blocked in order to prevent someone from sending your credentials to unwanted hosts. |
Token Request URL | The URL of the token request. This URL can be outside the domain of the API Address value. |
Token Request HTTP Method | Which HTTP method to use in the token request. Currently we only support GET and POST . |
Token Extraction Path | The extraction path of the token from the token request response. |
Expiry Method | The method of setting the token expiry. We support the following: The expiry value is extracted from the token request response, The expiry value is extracted from a JWT header (given that the token itself is a JWT) and The expiry value is constant. |
Expiry Extraction Path | Available in case the Expiry Method is set to Returned in First Leg Response : The extraction path of the token expiry from the token request response. It is set in the same way as the Token Extraction Path is. |
Expiry Type | Available in case the Expiry Method is set to Returned in First Leg Response : The type of expiry value that is returned in the token request response. We currently support: The response contains the duration of validity of the token in seconds , The response contains the expiration timestamp of the token in Unix timestamp format 1152478800 , The response contains the expiration timestamp of the token in date-time format 2006-07-10T15:04:05Z02:00 . |
JWT Header Name | Available in case the Expiry Method is set to Extracted from JWT Token : The JWT header name that contains the expiration date. |
Default Expiry | Available in case the Expiry Method is set to Constant : The default expiry of the token in seconds. |
Content Type | The content type of the token request. The request body will be built in accordance with the chosen content type. We currently support application/json and application/x-www-form-urlencoded . |
Body | Token request body parameters. The body will be built according to the chosen content type. For examples of this, see the examples section. |
Headers | Token request headers. |
Disable SSL Enforcement | Enable this option to skip SSL verification of the server’s certificate chain and host name in the token request. This may increase security vulnerabilities but can be useful for testing or when custom verification is employed. |
Token Extraction Path
value is token
.
The server returns the following payload which contains nested fields:
Token Extraction Path
value is 2lo_token.token
.
Expiry Extraction Path
is responsible for the extraction of the expiry value. It has identical logic as the Token Extraction Path
parameter.Expiry Type
is responsible for the valid evaluation of the expiry value. We currently support: The response contains the duration of validity of the token in seconds, The response contains the expiration timestamp of the token in Unix timestamp format 1152478800
and The response contains the expiration timestamp of the token in date-time format 2006-07-10T15:04:05Z02:00
.JWT Header Name
is responsible for the header name that the expiration time is located in. By default, this value is exp
but may vary.Default Expiry
is the expiry time in seconds in which after the initial request, the token will expire.Body
value of grant_type: client_credentials, client_id: myClientID, client_secret: myClientSecret
application/json
application/x-www-form-urlencoded
Headers
is responsible for the header in the initial token request.
Disable SSL Enforcment
is responsible for disabling SSL enforcement for the initial token request. Note that this doesn’t affect the actions that use the connection.
Zero Trust Parameters
are responsible for all zero trust handling for all action using the connection.