Authentication schemes¶
We support the following authentication schemes:
OAuth2¶
For connectors that use oauth2 authentication, the following secrets are required:
Property |
Description |
|---|---|
|
Public identifier for the client. |
|
The confidential key assigned to the client application. |
and the following secrets will be injected into the system:
Property |
Description |
Type |
|---|---|---|
|
The initial token used to authenticate the client (obtained during onboarding). |
String |
|
The client id as provided in the connector configuration. |
String |
|
The client secret as provided in the connector configuration. |
String |
|
The token used to refresh the access token (obtained during onboarding). |
String |
API key¶
For connectors that use api_key authentication, the following secrets are required:
Property |
Description |
|---|---|
|
The key used to authenticate the client. |
and the following secrets will be injected into the system:
Property |
Description |
Type |
|---|---|---|
|
The api key as provided in the connector configuration. |
String |
Api key is generally less secure than OAuth2, as it is a simple key that can be easily compromised. It is recommended to use OAuth2 whenever possible (some connectors support both schemes).
Example of connectors using API key: PowerofficeGo, WooCommerce, Wix
A full connector example with API key authentication could be found in WooCommerce connector’s playground branch in the Manifest and System.
Tripletex authentication¶
This is a custom style of authentication used by the Tripletex connector. It requires the following secrets:
Property |
Description |
|---|---|
|
The unique key to create an integration with Tripletex. |
|
The token created by the administrator of the Tripletex account. |
and the following secrets will be injected into the system:
Property |
Description |
Type |
|---|---|---|
|
The consumer key as provided in the connector configuration. |
String |
|
The employee token as provided in the connector configuration. |
String |
Tripletex has production and test environments. The production accounts use
employee_tokenset by Sesam app while you have to set both tokens in the test accounts.A full connector example with custom Tripletex authentication could be found in Tripletex connector’s playground branch in the Manifest and System.
SuperOffice authentication¶
This is a custom style of authentication used by the SuperOffice connector. It is a regular Oauth2 authentication but injects an additional secret named so_ticket into the system. It requires the following secrets:
Property |
Description |
|---|---|
|
Public identifier for the client. |
|
The confidential key assigned to the client application. |
and the following secrets will be injected into the system:
Property |
Description |
Type |
|---|---|---|
|
The ticket used to authenticate the client. |
String |
|
The client secret as provided in the connector configuration. |
String |
A full connector example with custom Superoffice authentication could be found in Superoffice connector’s playground branch in the Manifest and System.
JWT authentication¶
For connectors that use jwt authentication, the following secrets are required:
Property |
Description |
|---|---|
|
The application token used to request the JWT access token. The token includes a set of access rights. |
and the following secrets will be injected into the system:
Property |
Description |
Type |
|---|---|---|
|
The JWT token used to authenticate the client (obtained during onboarding). |
String |
|
The token used to refresh the access token (obtained during onboarding). |
String |
Example of connectors using JWT: webCRM
A full connector example with JWT authentication could be found in webCRM connector’s playground branch in the Manifest and System.