HTTP : Determining type of Authentication
When attempting to connect to an application with an open API, it is vital to understand the various process
This is a part of "Working with APIs and HTTP connectors" :
1) Identifying Authentication method. This will help you decide whether HTTP or HTTP (OAuth2) is the right connector for you
2) Creating Actions (Understanding Input and Output data)
3) Creating Trigger actions (Understanding Polling and data gathering)
4) Tips and Tricks in working with APIs
What is Authentication?
One of the most important aspect of cloud applications is security. The fact that your data is stored in a remote part of the internet means that your application must do what it can to protect them from intrusive behaviors. Therefore, in order for actual users to access those data, the right credentials must be provided in order for it to "open the gate".
API is one of those "data gate". Given the right credentials, you will be able to access your own data as per your request. Therefore, in the world of internet, the process for you to provide the credentials and gain access to your own data is called the authentication method.
Determining Authentication Type
Different cloud applications have different rules and process for accessing its data. Fortunately, this is commonly well documented in the application's API, that is if it follows the common creed like all other applications. When attempting to connect to your application's API, each documentation will specify a section named : "Authentication" in its document index. This section will help you understand if the application's API is usable with our HTTP Connector.
Example
Typeform's API Documentation here :
In this section of Typeform's API, it says that making calls to the Typeform API requires a private API key.
Most applications only requires a standard way of authenticating the user : Via a given password (we callthis API Key or similar terms), a combination of user ID and password, and etc. Most of this applicatons will work well with the HTTP Connector provided by Workato. To learn ore about HTTP Connector, visit this link for a step by step guide.
Asana is an example documentation that uses OAuth2 authentication method. OAuth2 is an agreed upon standard guidelines for web applications when building an API. That is, all APIs that support OAuth2 has a very similar, if not identical procedures. This means that you would need to use OAuth 2 Connector to connect to your application. To learn more about Connecting with HTTP OAuth2, visit this link for a step by step guide.
What kinds of authentication do not work with Workato?
HTTP Actions are usually a "single transaction" trade of information. That is, The HTTP Connector prepares and provides the application with the request upfront, and the application response with the requested data. If the API Documentation requires more than one step, where a series of transactions of data has to take place, then application's API is not suited well for integration solutions such as Workato. If in doubt, always email your application's helpdesk to learn more about their API and how you may leverage it.
Note : Some API documentations may be old and difficult to navigate. When in question, feel free to email your application's helpdesk to determine the type of authentication method used, and ask for directions to their relevant documets