Adding an authentication source to an API

Add an authentication source on the Configure APIs and Applications > Deployed APIs page.

Before you begin

1. In Integration, deploy an API Service or Proxy component.
2. Add an Authentication Source.

Procedure

1. On the Deployed APIs page, navigate to the Deployed API that you want to specify an authentication source for.

   For APIs that are deployed to an environment that contains an API Gateway, the Authentication column has default text that reads API Key Controlled meaning that the API inherits its authentication from the API Key defined in the Application's subscriptions for that API Gateway on the Configure APIs and Applications > Applications page. Each subscription can have its own plan associated with it, allowing specific users to be given specific API Keys for customized access.

   For APIs that are deployed to an environment that does not contain an API Gateway, the Authentication column has default text that reads runtime Controlled meaning that the API inherits its authentication based on the security set on the runtime within Integration.

2. Click on the text in the Authentication column.

   The Authentication Information page opens.

3. Specify Authentication Provider as the Authentication Type.

4. In the Authentication Source field, specify the source from the drop-down list.

5. Optional: Expand the Restrictions by Role section, click Add a Restriction, and select the appropriate internal role from the list. Then, click Finish.

   To access a deployed API that has restricted roles, a user needs one of their roles to match the restricted role set in the Restrictions by Role section.

6. Click Save.

   note

   If the authentication source is JWT, a notification displays with the redirect URI to add to your IDP for API execution using JWT in the Developer Portal.