Flex Connector Authorization

This document describes the authorization configuration option of the Flex Connector. The majority of API services will require authorization details to extract data. Panoply's Flex Connector supports multiple different authorization options natively.

Available authorization methods:

API Key

• Key - Enter the key name required for the API key. For example, apikey.
• Value - Enter the API key value.
• Add to - Choose between adding the key and value to the headers or URL parameters.

Bearer Token

• Token - Enter your Bearer Token. Panoply will automatically add Bearer to it.

Basic Auth

• Username - Enter your API username.
• Password - Enter your API password.

JWT Bearer

• Algorithm - Select the algorithm to use for the JWT token.
• Secret/Private Key - Enter the secret that’s used with the HMAC-SHA algorithm or the private key for signing the token for RS, ES, and PS algorithms.
• Secret Base64 encoded - Select this option if the secret/private key is encoded in Base64 format.
• Payload - Enter a JSON formatted payload data for your JWT token.
• Use token prefix - Select this option if there is a need to add a prefix to the JWT token in the headers.
• Token prefix - Enter the JWT token prefix to be added to the header. The default is Bearer.
• URL parameter key - Enter the URL parameter key to use when adding the JWT token to the URL parameters.
• Add to - Choose between adding the JWT token to the headers or URL parameters.

OAuth1

• Signature Method - Select the signature method to use when authenticating API calls.
• Realm - Enter the realm specified in the response header
• Consumer Key - Enter the consumer key to be identified in the dedicated API service provider.
• Consumer Secret - Available for HMAC and PLAINTEXT signatures only. Enter the consumer secret to establish ownership of the key above.
• Private Key - Available for RSA signatures only. Enter the private key to generate the authentication signature.
• Access Token - Enter the access token that represents the permissions to access the data.
• Token Secret - Available for HMAC and PLAINTEXT signatures only. Enter the token secret to establish ownership of the access token above.
• Add to - Choose between adding the access token to the headers or URL parameters.

OAuth2

• Authorization URL - Enter the URL to retrieve the authorization code from API provider authorization server.
• Access Token URL - Enter the URL to exchange the authorization code for an access token.
• Client Id - The dedicated API service client id used to generate authorization codes
• Client Secret - The dedicated API service client secret used to generate authorization codes
• Scope - Enter space delimited list of scopes based on the access required to extract your data.
• Access Token header key - Enter the header key to use with the response’s access token. By default, Panoply will use Authorization.
• Token prefix - Enter the required token prefix.
• Add to - Choose between adding the access token to the headers or URL parameters.

Refresh Acess Token

• Use Refresh Token once - Check this box if the refresh of the access token will also generate a new refresh token

• Refresh Token URL - Enter the refresh token URL
  • Headers - Enter the API call's headers in a JSON format. For example: {"type": "123..."}
  • Additional POST data - By default, the request body contains client_id, client_secret, refresh_token and grant_type values. Enter any additional or replacement POST data in a JSON format. For example: {"Client_id": "123..."}
  • Access Token response key - Enter the field path to the access token in the response.
  • Refresh Token response key - This configuration is available only when Use refresh token once is selected. Enter the field path to the refresh token in the response.
  • Error status codes - Enter a ; list of the error codes that will trigger the refresh of the access token. The Flex Connector will only attempt to refresh the access token when encountering these error codes