Authentication is a crucial pillar of API security and is the process of verifying the identity of a user making an API request. As an embedded integration platform, we need to ensure that our system has enough flexibility to handle all the different flavours of authentication that API vendors provide.
What does authentication mean?
Firstly, authentication is the procedure of verifying the identity of an individual or an object. Authentication concerning APIs refers to verifying a user’s identity before making requests to the API.
There are many different authentication methods and flows that APIs can employ as well as bespoke authentication protocols.
What are the common authentication methods?
Cyclr supports various authentication types and, sometimes with the addition of scripting, it is possible to establish a connection with any API.
Here are the authentication methods available for use with Cyclr:
- ApiKey: The user should provide an API key as the HTTP header for the connector.
- Basic: The API uses HTTP basic authentication.
- OAuth1: The API uses OAuth 1.0a authentication. Requires: ClientId (also known as ConsumerKey), ClientSecret (also known as ConsumerSecret), RequestTokenUrl, AuthorizeUrl, AccessTokenUrl.
- OAuth2: The API uses OAuth 2 authentication. Requires: ClientId, ClientSecret, AuthoriseUrl, AccessTokenUrl.
- None: No authentication.
- AuthFields: The API needs to inject authentication fields into the POST message. Requires: Name, Key, Type.
Cyclr and Authentication
Different connectors use different authentication methods. Many use OAuth, but you can also use basic usernames and passwords or API Keys.
Within Cyclr you can either authenticate the Connector at the partner level or allow your customers to authenticate on an individual account basis.
For instance, during connector setup, there is information about what you need to do in the external application to connect with Cyclr. This can include setting up or configuring an account in the third-party application, or listing the authentication credentials that you need.
These requirements to connect with a third-party application may be a specific type of account within that application or may need to adjust your settings and permissions. The authentication guide for your specific connector specifies what you’ll need to do.
For instance, to get authentication details and connect with Cyclr, you’ll need to obtain authentication details from the third-party application. You may need to get values such as the following:
- Consumer Key
- Consumer Secret
Let’s look at a specific Connector and how Cyclr handles its authentication as an example.
Slack Connector Example
Connector Setup
Slack uses OAuth 2.0 for authentication so you need to register your Cyclr Partner with Slack to obtain your Client ID and Client Secret values.
Register via https://api.slack.com/apps, select Create an App, select From Scratch then enter the following:
- App Name – a name for your App.
This is shown on-screen when users install the Slack Connector and appears as the username when posted to Slack.
As well as:
- Development Slack Workspace
This is the Slack Workspace your App belongs to, this is just to give it a “home” and doesn’t prevent it from being installed in other people’s workspaces.
After you’ve created your App you’ll need to set the Redirect URLs. This is done under the add features and functionality section’s Permissions button:
- Redirect URL: you must add a callback URL to allow Intercom to be used in your Cyclr Console and its accounts.
The URL is:
- https://{{Your Cyclr service domain e.g. http://app-h.cyclr.com }}/connector/callback
You can find your Cyclr Partner Service Domain in your Cyclr console under Settings > General Settings.
Next, you’ll need to Request Scopes. According to AuthO by Okta, “an app requests permission to access a resource through an authorisation server. It uses the scope parameter to specify what access it needs, and the authorisation server uses the scope parameter to respond with the access that was granted.”
Scroll down to the Scopes section and find Add an OAuth Scope. Scopes can be modified later by navigating to the OAuth and Permissions sidebar.
For example, adding the chat:write
scope to your Bot Token allows your app to post messages. Alternatively, if you add channels:read
, your app can access data about public Slack channels.
Finally, to get the authentication details such as Client ID and Client Secret values, go to Basic Information on the left then scroll to App Credentials.
Connecting your Connector to Cyclr
Once you’ve set up the Connector you’ll need to connect it to Cyclr for integration use.
This is done within your Cyclr console by:
- Going to Connectors > Application Connector Library.
- Use the search box to find the Slack Connector.
- Select the Setup Required icon.
Enter the below values:
- Client ID: The client ID of the Slack account.
- Client Secret: The client secret of the Slack account.
- Scope (optional): Specify scopes instead of using the default ones.
Save these changes. Just a note, if you leave any values blank, Cyclr asks for the value when you install the connector into an account. This means you can use different settings for different accounts.
Now the Connector is connected to Cyclr and available for integration builds. You are now able to build an integration workflow including the Slack Connector which means data can be sent between applications and manual tasks are now automated.
Conclusion
This is just one example of how Cyclr handles authentication with third-party SaaS applications. An embedded integration platform like Cyclr simplifies the process of working with authentication for integrations by offering a variety of pre-built API connectors and components that already have authentication capabilities included. Simply input the required credentials and you’ll be connected quickly and easily.
Our Documentation is available to anyone and contains our Connector Guides. These explain the authentication process for each of our available Connectors. If you have any questions please feel free to get in touch and we will be happy to talk you through the Cyclr platform.