API Security

The Open API specification defines an optional set of authentication methods that can be applied on operations in a granular manner. If an API requires authentication so that the consumer’s identity can be verified, this chapter chapter will give you a walk through on how to activate security features.

Heads up!

Only two authentication methods are currently supported: Basic and API key.

Activating an authentication method

In the API explorer and under the section Security of the API definition, a list of cards are displayed based on the security definitions.

Security methods

You can activate the authentication method of choice directly from the card.
A modal will be displayed prompting you to enter all required credentials, depending on the authentication scheme.

Security credentials

Once the credentials have been entered they become available for interacting with the API. At any point in time you can alter or deactivate the security method directly from this card.

Security activated

Supported security methods

Heads up!

All authentication credentials are stored locally on your Chrome browser by the extension. You can find out more in the F.A.Q..

Basic authentication

APIs using basic HTTP authentication method as a security scheme, will require you to enter a set of credentials consisting of a username and password issued by the provider.

API key authentication

APIs secured using an API key authentication method will require you to enter a key issued by the provider. The API key authentication requires no password.

Read next: Open API catalogs