Authentication
This holds the details related to the authentication of an operation / resource.
Possible Locations
When there are multiple <operation> with different scopes, you should add separate authentication configuration under the respective operation.
Attributes
| Name | Type | Description |
|---|---|---|
| type required |
String (enum) | Type of the authentication. The possible values are oauth2 and token. |
| scopes |
String (CSV) | Scope for the resource. |
| name required |
String | Name of the authentication key. |
| location required |
String (enum) | Location where the authentication key must be provided. The possible values are URL, param, and header. |
| schema required |
String | Name of the oauth or the token used in the authentication schema. |
The authentication at the operation level is given higher priority as it allows configuring different authentication for each operation. In contrast, authentication at the <resource> level is generic to all operations, regardless of different <url>, and is given the lowest priority.
Example
Assume that in the trips resource, you want to add the following authentication details.
copy
- Operation: READ
- Scope: TravelBureau.settings.trips.read and TravelBureau.settings.trips.ALL
- Authentication Type: OAuth2
- Location of the authentication is header.
Now write the authentication as shown below.
copy
<authentication type="oauth2" scopes="TravelBureau.settings.trips.read,TravelBureau.settings.trips.ALL" name="Authorization" location="header" schema="oauth2_flow" />
Last Updated 2025-05-30 16:54:59 +0530 +0530
Yes
No
Thank you for your feedback!
Send your feedback to us