Skip to main content

Authorization types supported by Superblocks

Superblocks supports several types of authorization for APIs. Select a type from the Authentication dropdown in your Integration's configuration page.

None

Superblocks won't send authorization details with a request unless you select an auth method. If your request doesn't require authorization, set the Authorization dropdown to None.

Basic authentication

Basic authentication involves sending a verified username and password with your request. On the Integration configuration page, set Authentication to Basic Authentication.

Check Share username/password across all users and enter your API username and password, or uncheck this option to have end-users provide their own credentials.

A prompt to the user to log in with their username and password for basic authentication

If end-users are providing their credentials, they will be stored as an HTTP-Only Secure cookie in the user's browser and sent to the Superblocks Agent.

The Superblocks Agent sends your API a Header containing a Base64 encoded string representing your username and password values, appended to the text Basic as follows:

Basic <Base64 encoded username and password>

API key

API Key auth lets you send a key-value pair to the API either in the request Header or Query Parameters. To authenticate using an API key, set the Authentication dropdown to API key in your Integration configuration.

Enter your key name and value, and select either Header or Query Params from the Add to dropdown list.

Superblocks will append the relevant information to your request Headers or the URL query string.

API key authentication for REST and GraphQL APIs

Bearer token

Bearer tokens enable requests to authenticate using an access key, such as a JSON Web Token (JWT). The token is a text string, included in the request header. On the Integration configuration page, set Authentication to Bearer Token to use this auth method.

In the Token field, enter your API key value. The Superblocks Agent will append the token value to the text Bearer in the required format to the request Authorization header as follows:

Bearer <Your API key>

OAuth 2.0

Superblocks supports many OAuth 2.0 flows for use when authenticating Integration. For a full list of supported OAuth 2.0 flows and how to use them see OAuth 2.0 docs.

Firebase

Superblocks let you authentication with REST APIs using Firebase Authentcation. Learn more about using Firebase Authentication for your API.