Page tree

Adding authorization to an API is a critical step to ensure that only authorized users or applications can access and interact with the API. Authorization mechanisms help protect sensitive data and maintain the security and integrity of your services. 

Types of Authorization 

The Functions feature supports the following authorization mechanism:

Authorization TypeDescription

NONE

 Indicates that no authentication is required to access the API. The API is publicly accessible without any authentication credentials. 

LiveVox

Appears if the value in the Base URL field contains livevox. Automatically relays the Platform Session to each web service request.
BASIC

A simple method where you must add the username and password as part of the request header. These credentials are often encoded in base64 format, but this method is considered relatively less secure, especially when used over unencrypted HTTP.

BEARER

Bearer Token Authentication is a method where you include a token (usually a long, randomly generated string) in the request header. This token is obtained from the API provider and is used to authenticate the client system (requesting System). Bearer tokens are commonly used in Open Authorization (OAuth) 2.0 authentication to secure API access.

OAUTH

Primarily used for authorization. It allows a user (resource owner) to grant a third-party application (client) limited access to their resources without sharing their credentials.

OAUTH2

Widely used for enabling secure access to web APIs, including those offered by major service providers, such as Google, Facebook, and Microsoft. It is also used in Single Sign-On (SSO) scenarios.


  • No labels