Skip to content
On this page

Service authorization

Protected Services have different authentication and authorization requirements that have to be met in order to send requests. To be able to send requests to your service you have to pass on the service specific authorization information. Netzo safely stores the authorization credentials of all your services for you.

Authorization Types

The following table gives an overview of the currently supported auth types for the supported specs:

Auth TypeSupport
No auth
Basic auth
Bearer token
API key
OAuth2

Key: ✅ - supported, ⌛ - work in progress, ❔ - in consideration, N/A - not applicable

Not on the list?

Do not hesitate to contact us by email at [email protected] or by filling out this form.

No auth

By default Netzo sends requests with no authorization details. If your service does not require any authorization details you may go ahead and start using your service right away.

Basic auth

Basic auth schema is a simple authentication method built into the HTTP protocol. The client must provide a user name and password when sending HTTP requests. For this, the request contains a header field in the form of Authorization: Basic <CREDENTIAL>, where credential is the Base64 encoding of username and password joined together by a single colon.

To use this auth type select HTTP and basic options, and fill-out the following required fields:

  • username
  • password

Bearer auth

Bearer auth (also refered to as token authentication) schema is a simple HTTP authentication schema that uses security tokens (referred to as bearer tokens). Bearer tokens are text strings that are included in the request header in the form of Authorization: Bearer <TOKEN> and act as access keys.

To use this auth type select HTTP and bearer options, and fill-out the following required fields:

  • token

API key

API keys is a security schema that uses simple encrypted strings to identify an application or project that is calling the API. API keys include a key-value pair in the request headers or query parameters when sending requests to an API. After selecting this security schema from the dropdown field, you must provide the key-value pair before confirming to save your changes.

To use this auth type select API Key, select how to send the API key (header, query, or cookie), and fill-out the following required fields:

  • name
  • value

Multiple API Keys

Some APIs use security key pairs (API key and App ID) for authentication. For the time being we do not support multiple API Keys out of the box.

OAuth2

Authorizing Services via the OAuth2 protocol within Netzo is not yet supported

OAuth2 is an authorization mechanism that gives API clients limited access to user data on a web server.

This authorization mechanism requires 3 pieces of information to generate an Access Token:

  • Client ID: A unique identifier for the client application.
  • Client Secret: A secret that is used to authenticate the client application.
  • Authentication URL: The URL that the client application uses to authenticate with the server.

You can use external services such as Hopscotch or Postman to easily generate a token.

The general steps are as follows

  • (1) Add your services Client ID, Client Secret and Authorization URL within the authorization configuration
  • (2) Look for a button to "Generate Token" or "Authorize", you will be prompted to log into the account of your authentication provider
  • (3) After successful generation, retrieve the Token contained in the response
  • (4) Set the Access Token as Bearer token in header or query parameters within the Netzo service authorization overlay.
Service authorization has loaded