API Connections

In order to perform calls to an API in your plugin, you first need to configure the API connection to properly authenticate with the external service.

1. API Authentication

The API you want to connect to probably has some kind of authentication needs in order to it on behalf of a user.

Infinable supports the following authentication schemes: Basic Auth, Digest Auth, API Keys, Session-based Auth or OAuth V2.

a. Basic Authentication

See reference here.

Infinable users will provide their username and password to authenticate with your API.

This is also the scheme you want to use if your API relies on Basic Auth, but with atypical values for the username and password. For instance, an API that uses an API Key as the username and a dummy value as the password would still want to select Basic Auth for their App. We'll use this as the example.

b. Digest Auth

...

c. API Keys

...

d. Session-based Auth

This type can be used for almost any authentication where user provided credentials get exchanged for some kind of session token.

You first need to specify the authentication fields that are needed for the session-based authentication.

Then you define a getTokenInfo() function that will handle the exchange of the authentication fields for the session token and returns an object like:

{
token: "xxxxxx",
userId: "xxxx"
}

Then, you have to map the fields and/or the properties returned by getTokenInfo() to parameters the API expects, and select if it expects them as headers or query string parameters.

For example, if the API expects to receive the token in an header named X-Token the auth mapping could be:

{
"X-Token": "{{token}}"
}

And we set Auth Placement to Header

We will call getTokenInfo() the first time or when we receive a 401 HTTP status or InvalidSessionException is thrown.

e. OAuth V2

We currrently only support one type of OAuth flow.