Authentication Methods for an External API Using Intrexx
Intrexx allows you to easily create API endpoints, but what are the methods for authenticating to those?
Intrexx provides two types of API endpoints:
- Application API:
/api/app/<your-app-guid>/<your-endpoint-name> - Portal API:
/api/app/<your-endpoint-name>
Creating an API Endpoint in an Application
When setting up an API endpoint, you will need to fill in the following details:
- Name: Your API endpoint name
- Description: (Optional) A brief explanation of the endpoint's purpose
- Type:
- Data Group Endpoint: Performs CRUD operations on a data group within the application
- Process Endpoint: Triggers a backend workflow
- Groovy Endpoint: Executes a Groovy script
Enhancing Security
After creating the endpoint, you can add an extra layer of security by generating an API key under the API Keys tab.
Additionally, you can define API roles, which function as groups for API keys. Any modifications to the role will automatically apply to all associated keys.
Managing API Endpoints
From the API management interface, you can:
- View all API endpoints, including portal endpoints.
- Enable or disable specific endpoints.
- Generate Swagger documentation for better API visibility.
Calling Your API Endpoint
To call an API endpoint /api/app/<your-app-guid>/<your-endpoint-name>, you must include authentication in the Authorization header. You can use either:
- A Bearer Token containing your CSRF token.
- An API Key.
Authentication Behavior
- If an API key is used, the request will be associated with the user linked to that key.
- To specify a different user for the API call, use a Bearer Token. This token can be obtained from the default portal login endpoint
/service/login/loginor other authentication method/service/login/getAuthenticationTokenTypes- returns all available authentication methods.
If you wish to learn more about these, check out the official Intrexx documentation.