Connect and authenticate with an API
Some services or data sources require you authenticate Confirming the identity of the person or service requesting access to a resource (Authorization) and confirming they have permission to complete that request (Authorization). These terms are often used interchangeably. Examples include username and passwords, API keys, and OAuth2.0 flows. to their system in order to perform operations A single request to a third-party API. Operations often become actions in the workflow designer.. The types of authentication accepted by the API A programming interface that defines how a software platform can receive and respond to requests from other software platforms. is declared in the OpenAPI Specification A standard, language-agnostic description of RESTful APIs that can be read by both humans and machines. Formerly known as Swagger., in the security object. The authentication methods supported by Nintex Xtensions are:
- no authentication
- basic authentication Identifying the API requestor using a username and password passed in the HTTP header.
- API key authentication An predefined string passed in an API request, either inside the header or as a request parameter, to identify and/or authenticate the requester.
- OAuth2.0 An authorization protocol that allows a user to grant access to a third-party account without revealing their credentials to the requesting software.
You can also define additional properties to be specified when the connection is created, and use the same security credentials with other hosts or basePaths in individual operations.
Authentication for Xtensions A set of workflow actions defined for a specific third-party API such as Salesforce, Box, or another service provider. Nintex Automation Cloud provides many connectors out of the box, and you can create your own custom connectors using the Nintex Xtensions framework. consists of three components:
Security objects
Security objects are defined within a securityDefinitions object, and then referenced inside the HTTP method object of every operation that requires authentication. They declare which authentication method an operation should use, if any.
Note: Nintex Xtensions only supports one authentication type per OpenAPI Specification. If the API you want to import supports multiple authentication methods, select one to use in your OpenAPI Specification.
Security templates
Security templates record any additional security information required while importing the Xtension into Nintex Automation Cloud, such as the client ID and shared secret for OAuth2 authentication.
Nintex Automation Cloud automatically provides the correct security template for the authentication type defined in the OpenAPI Specification.
Connections
In Nintex Automation Cloud, authentication credentials for both Nintex connectors and Xtension are stored in connections The stored authentication and authorization credentials for a connector.. If a connector requires authentication, workflow designers must create a connection before they can use the actions A task that can be performed or triggered within a workflow, such as moving a file, sending an email, or using third-party API functionality.. Nintex Automation Cloud detects the method of authentication declared in the OpenAPI Specification, and provides the correct fields required to establish the connection.
For Xtensions, a connection can be created while configuring the action.
See Create a connection.
If you are creating an Xtension for an on-premises application, we recommend using Nintex Gateway to handle secure connections. If you are not using Nintex Gateway, you may need to configure your firewall to allow IP addresses related to Xtensions and Nintex Automation Cloud. See the Nintex platform allowlist.
How to
- Authenticate with a username and password: Basic authentication.
- Authenticate with an API key: API key authentication.
- Authenticate using the accessCode OAuth2.0 authentication flow: OAuth 2.0 authentication.
- Validate connections when they're created: x-ntx-connection-validation.
- Collect custom properties when the connection is created: x-ntx-connection-properties.
- Use the same security credentials with a different host for specific operations: x-ntx-host.
- Use the same security credentials with a different basePath for specific operations: x-ntx-basePath.
- Integrate with an on-premises application via Nintex Gateway: Integrate on-premises applications via Nintex Gateway.
Examples
|
Create a new GitHub repository and post an issue using Basic authentication. |
|
|
Use API key authentication to convert currency and create an automatic international purchase approval workflow. |
|
Use OAuth2 authentication to create a new task list in the Google Tasks of the connected user. |
