Add API key authentication

In this example, you will create an

Xtension

A set of instructions for Nintex Automation Cloud to use third-party API functionality with Nintex workflows. An Xtension may include workflow actions, start events, forms or file control. that uses API key authentication An authorization code passed in an API request, either inside the header or as a parameter, to identify the requester. to use current exchange rates to approve or reject purchase order requests.

API key authentication requires Nintex Automation Cloud to provide a secret security token when making the request An attempt to use a feature or operation of a third-party API. of the API A programming interface that defines how software can be interacted with by other software., which must be accepted by the API for the API to process the request. The token can be provided either in the request header The section of the HTTP request that defines the operation of the request, including authorization., or in the query Part of the URL that does not fit into the path structure, and provides additional information or parameters for the request. The query is prefaced by a question mark (?) in the URL, for example: http://example.com?color=blue..

When using Xtensions with API key authentication, you must create a connection The stored authorization credentials for a connector. that stores the security token so it can be passed to the API with the requests.

The complete OpenAPI Specification A standard, language-agnostic description of RESTful APIs that can be read by both humans and machines. Formerly known as Swagger. and icon for this example are available here.

Tip: Want the short version? Check out our OpenAPI Specification quick reference for quick definitions of parameter types, authentication, file handling and Specification Extensions.

API key authentication

To add API key authentication to an OpenAPI Specification, you:

  • Sign up for an API key with the service you want to use
  • Define the API key authentication object inside the securityDefinitions object
  • Reference this API key authentication object inside the HTTP method objects that require authentication

Tip: You can request additional connection information, such as a database name, using x-ntx-connection-properties, and validate your connection when it is created using x-ntx-connection-validation.

Acquire a security token for the API

The API uses a security token to identify who is making the operation call. You will provide Nintex Automation Cloud with this token when you create a connection to this Xtension. To acquire your security token for this example:

  1. Sign up to OpenExchangeRates.org for the Forever Free plan at this link.
  2. Follow the instructions on the Open Exchange Rates page to get your API key.
  3. Record the Name and the App ID somewhere safe: it identifies you to the OpenExchangeRate.org API, and should be kept secret.

Define API key authentication

Step 1: Create the basic OpenAPI Specification

Create an OpenAPI Specification that:

Note:  To ensure users only submit valid currency codes to the API, use an enum to pass the base currency parameter A piece of information passed to a third-party API during a request..

 
{
    "swagger": "2.0",
    "info": {
        "version": "1.0.0",
        "title": "Currency Rates"
    },
    "host": "openexchangerates.org",
    "basePath": "/api",
    "schemes": [
        "https"
    ],
    "produces": [
        "application/json"
    ],
    "paths": {
        "/latest.json": {
            "get": {
                "summary": "Get exchange rates",
                "description": "Get exchange rates",
                "operationId": "testBasicAuth",
                "produces": [
                    "application/json"
                ],
                "parameters": [
                    {
                        "name": "base",
                        "in": "query",
                        "required": false,
                        "type": "string",
                        "enum": [
                            "USD",
                            "GBP",
                            "EUR",
                            "AUD"
                        ]
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/rateResult"
                        }
                    }
                }
            }
        }
    },
    "definitions": {
        "rateResult": {
            "type": "object",
            "properties": {
                "base": {
                    "type": "string"
                },
                "rates": {
                    "type": "object",
                    "properties": {
                        "USD": {
                            "type": "number"
                        },
                        "GBP": {
                            "type": "number"
                        },
                        "EUR": {
                            "type": "number"
                        },
                        "AUD": {
                            "type": "number"
                        }
                    }
                }
            }
        }
    }
}

Step 2: Create the security definitions object.

Create the securityDefinitions object at the end of the OpenAPI Specification, after the definitions object but before the final closing brace. Make sure you add a comma to the end of the definitions object.

 
"definitions": {
    "rateResult": {
        "type": "object",
        "properties": {
            "base": {
                "type": "string"
            },
            "rates": {
                "type": "object",
                "properties": {
                    "USD": {
                        "type": "number"
                    },
                    "GBP": {
                        "type": "number"
                    },
                    "EUR": {
                        "type": "number"
                    },
                    "AUD": {
                        "type": "number"
                    }
                }
            }
        }
    }
},
"securityDefinitions": {
    
}

Step 3: Create the API key authentication definition

Inside the securityDefinitions object, create an object to define the API key authentication. You can name the security object any name that is unique within the OpenAPI Specification. In this example, we have named it myApiKey.

Add a type with a value of apiKey to the object to define it as API key authentication.

 
"securityDefinitions": {
    "myApiKey": {
        "type": "apiKey"
    }
}

Step 4: Add the API authentication parameter details

Inside the myApiKey object, add a name key for the parameter to hold the security token. The value must be the parameter A piece of information passed to a third-party API during a request. name defined by the API.

Add the location it will be passed in with the in key.

 
"securityDefinitions": {
    "myApiKey": {
        "type": "apiKey",
        "name": "app_id",
        "in": "query"
    }
}

Step 5: Add a security array to the HTTP method object

Inside the HTTP method object, create a security array.

 
"paths": {
    "/latest.json": {
        "get": {
            "summary": "Get exchange rates",
            "description": "Get exchange rates",
            "operationId": "testBasicAuth",
            "produces": [
                "application/json"
            ],
            "security": [
                
            ]
        }
    }
}

Step 6: Add the security object reference to the array

Inside the array, reference the security object you defined earlier by using its name as the key, and opening and closing brackets as the value.

 
"paths": {
    "/latest.json": {
        "get": {
            "summary": "Get exchange rates",
            "description": "Get exchange rates",
            "operationId": "testBasicAuth",
            "produces": [
                "application/json"
            ],
            "security": [
                {
                    "myApiKey": []
                }
            ]
        }
    }
}

The OpenAPI Specification

This is the complete OpenAPI Specification that uses API key authentication to retrieve exchange rates.

 
{
    "swagger": "2.0",
    "info": {
        "version": "1.0.0",
        "title": "Currency Rates"
    },
    "host": "openexchangerates.org",
    "basePath": "/api",
    "schemes": [
        "https"
    ],
    "produces": [
        "application/json"
    ],
    "paths": {
        "/latest.json": {
            "get": {
                "summary": "Get exchange rates",
                "description": "Get exchange rates",
                "operationId": "testBasicAuth",
                "produces": [
                    "application/json"
                ],
                "security": [
                    {
                        "myApiKey": []
                    }
                ],
                "parameters": [
                    {
                        "name": "base",
                        "in": "query",
                        "required": false,
                        "type": "string",
                        "enum": [
                            "USD",
                            "GBP",
                            "EUR",
                            "AUD"
                        ]
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "schema": {
                            "$ref": "#/definitions/rateResult"
                        }
                    }
                }
            }
        }
    },
    "definitions": {
        "rateResult": {
            "type": "object",
            "properties": {
                "base": {
                    "type": "string"
                },
                "rates": {
                    "type": "object",
                    "properties": {
                        "USD": {
                            "type": "number"
                        },
                        "GBP": {
                            "type": "number"
                        },
                        "EUR": {
                            "type": "number"
                        },
                        "AUD": {
                            "type": "number"
                        }
                    }
                }
            }
        }
    },
    "securityDefinitions": {
        "myApiKey": {
            "type": "apiKey",
            "name": "app_id",
            "in": "query"
        }
    }
}

Create the workflow

Step 1: Add your Xtension

Import the OpenAPI Specification you created into Nintex Automation Cloud:

  1. Open your Nintex Automation Cloud tenancy.
  2. Click Xtensions in the dashboard to open the Xtensions page.
  3. Click  in the Private connector list.
  4. Click Choose a file. Navigate to the OpenAPI Specification on your computer.
  5. Wait for Nintex Automation Cloud to validate the file.
  6. Click Next.
  1. Nintex Automation Cloud detects the API key security template.
  2. Click Next.
  1. Edit the Name of the Xtension, which becomes the name of the action group in the Workflow designer.
  2. Edit the Description of the Xtension. This appears in the Private connector list in the Xtensions page.
  3. Select or upload an icon for the Xtension. This is displayed for each action or event in the Workflow designer.
  4. Click Publish.

Step 2: Create the workflow

The workflow will retrieve the currency conversion rates based on the United States dollar and compare the AUD rate against a threshold level to recommend whether purchases in Australian dollars be approved.

For more information on creating workflows, see the Workflow Designer.

To create the workflow:

  1. Click Create workflow in your Nintex Automation Cloud tenancy.
  2. Configure the Start event to be a Nintex form with two variables:
    • Email (text)
    • Purchase request (text)
    • Purchase amount in AUD (decimal)

    For more information on designing forms in Nintex Automation Cloud, see Design a form.

  3. Drag the Get exchange rates action from the action toolbox to after the Start event.
  4. Click the Connection field and select Add new connection.
  5. Type the Name you recorded from OpenExchangeRates.org in the Connection name field.
  6. Type the App ID you recorded from OpenExchangeRates.org in the Api key field.
  7. Select USD in the Base configuration field.
  8. Create a decimal variable to store the Results Rates AUD return value.
  9. Drag a Calculate a value action below the Get exchange rates action.
    For more information, see Calculate a value.
  10. Configure the Calculate a value action to:
    • Divide the purchase amount by the Result Rate variable.
    • Store the result in a new US Purchase Price variable.
  11. Drag an Assign a task action below the Calculate a value action.
    For more information, see Assign a task.
  12. Configure the Assign a task to send an Express Approval request to the financial officer with the US purchase price and item details.
    For testing purposes, use your own email as the recipient.
  13. Drag a Send an email action into each branch.
    For more information, see Send an email.
  14. Configure the Send an email actions to email the purchase requester that their request has been rejected or approved.
  15. Click Test to test the workflow.
  16. Save or publish the workflow.

Tip:  If you want to troubleshoot an Xtension, select Development as the Assigned Use when you publish the workflow. Development workflows display more detailed error messages in their instance details. Republish your workflow as Production when you're ready to use it.