Security Provider - HTTP¶
The HTTP client security provider authenticates requests made to an HTTP data source such as REST, OData, and Vinyl Connector services. The HTTP client security provider includes support for the following authentication types:
- Anonymous Authentication
- HTTP Basic Authentication
- API Key
- Bearer Token
- Proxy Server
- Delegated OAuth [DEPRECATED]
Common Configuration¶
The following parameters are commonly supported by the various authentication types below.
| Parameter | Default | Description |
|---|---|---|
| RequestHeaders | Custom HTTP headers appended to all requests. The headers must be formatted according to RFC 7230. Line folding is not supported. | |
| IgnoreTlsErrors | False | Instructs Vinyl to ignore TLS certificate validation errors. This setting is for setup and testing purposes only. Do not enable this setting on a running system. |
In addition, each authentication type can be used in conjunction with mutual authentication.
Anonymous Authentication¶
Anonymous authentication is used by default when a credential is not supplied and no other authentication type is selected. Anonymous authentication does not require any configuration. However, it can be explicitly enabled by associating the data source with a security provider that has an Authentication Type of Anonymous.
HTTP Basic Authentication¶
HTTP Basic Authentication is treated as a service account, meaning all Vinyl users authenticate with the same credential. The credential (user name and password) is configured at the data source level.
HTTP Basic Authentication is enabled in one of two ways:
- Implicit. The credential is defined at the data source level and the data source is not associated with a security provider.
- Explicit. The credential is defined at the data source level and the data source is associated with a security provider that has an Authentication Type of Basic.
Credentials¶
| Type | Description |
|---|---|
| Password | HTTP Basic Authentication user name and password. |
API Key¶
API Key authentication appends an HTTP header containing an API key. Example: X-API-Key: <api-key>
Credentials¶
| Type | Description |
|---|---|
| API Key | API key used to authenticate HTTP requests. |
Properties¶
| Parameter | Default | Description |
|---|---|---|
| ApiKeyHeader | X-API-Key | Used with the API Key authentication type. Determines the HTTP header name. |
Bearer Token¶
Bearer Token sets the HTTP Authorization header scheme and token. Example: Authorization: Bearer <bearer-token>
Credentials¶
| Type | Description |
|---|---|
| Bearer Token | Bearer token used to authenticate HTTP requests. |
Properties¶
| Parameter | Default | Description |
|---|---|---|
| AuthorizationScheme | Bearer | Determines the HTTP Authorization header's scheme. |
Proxy Server¶
Outbound HTTP requests can be routed through a proxy server. Proxy servers can add an extra layer of security, and in this scenario the proxy server acts as an intermediary between the Vinyl and data server. The proxy server settings can be used in conjunction with all other authentication types.
Endpoints¶
| Type | Description |
|---|---|
| Proxy Server | Absolute, proxy server URL, e.g., http://example.com:8888. |
Credentials¶
| Type | Description |
|---|---|
| Proxy Password | Proxy server user name and password. Whether the credentials are required depends on the proxy server. |
Delegated OAuth¶
Delegates authentication to an OAuth security provider using the Authorization Code grant.
Caution
The Delegated OAuth authentication type is deprecated. It is supported for backwards compatibility only. In Vinyl 3.2 an up, associate the data source with the OAuth security provider directly.
| Parameter | Default | Description |
|---|---|---|
| OAuthProvider | Name of the Vinyl OAuth security provider which will authorize the user. |