Authentication Types

Cyclr supports various authentication types and, sometimes with the addition of scripting, it is possible to establish a connection with any API.

Method Description
ApiKey  The user should provide an API key as the HTTP header for the connector.
Basic  The API uses HTTP basic authentication.
OAuth1  The API uses OAuth 1.0a authentication. Requires: ClientId (also known as ConsumerKey), ClientSecret (also known as ConsumerSecret), RequestTokenUrlAuthorizeUrlAccessTokenUrl.
OAuth2  The API uses OAuth 2 authentication. Requires: ClientIdClientSecretAuthoriseUrlAccessTokenUrl.
None  No authentication used.
AuthFields  the API needs to inject authentication fields into the POST message. Requires: NameKeyType.


These fields will only be used if the AuthType is OAuth2.

Property Description
AuthorisationCode  The client will redirect the user to the authorization server, the user will then be asked to login to the authorization server and approve the client.
ClientCredentials Client will get the access token from the authorization server without user challenge.
PasswordCredentials Client will get the access token from the authorization server using username and password.

Bearer Token

If an API requires a Bearer Token to be sent, for example when the API Key is used, then you can add Script at the Connector-level to prepend it with “Bearer “ and set it as the Authorization HTTP Header in all Requests like this:

function before_action() {
    method_request_headers.Authorization = 'Bearer ' + method_auth_value;
    return true;

Cyclr exposes the API Key entered during installation of the Connector through the method_auth_value variable in the before_action event.

Edit me