Toggle Side Panel
Close search
Back to Tutorial

Custom Connector Toolkit

0% Complete
0/0 Steps
  1. 1. Introduction to Custom Connectors
    1 Topic
  2. 2. Covering the Basics
    4 Topics
  3. 3. Creating a Cyclr Connector
    5 Topics
  4. 4. Authentication
    2 Topics
  5. 5. Methods
    4 Topics
  6. 6. Parameters
    1 Topic
  7. 7. Triggers
    2 Topics
  8. 8. Paging
    3 Topics
  9. 9. Scripting
    3 Topics
  10. 10. Webhooks
    1 Topic
  11. 11. Custom Fields
    2 Topics

Quizzes

Lesson Progress
0% Complete

Cyclr supports various authentication types and it is possible to establish a connection with any API. The most common authentication flows are:

  • Basic Authentication
  • API Key Authentication
  • OAuth2 Authentication

However, there are also many uncommon Authentication flows, and Cyclr can support them as well. Therefore, if the API you want to create a Connector for has a custom authentication flow, please get in touch with our support team, your account manager or solution architect for assistance.

While Cyclr’s included authorization methods should handle refreshing the access token automatically, deviating from industry standards may require you to handle token refreshes via script instead. For instance, if the API that you are working with requires a Bearer Token, you can set Cyclr to modify the HTTP header before sending the request.

Basic Authentication

Basic authentication, as its name suggests, is one of the simplest authentication methods. It uses a username and password combination, encoded and transmitted in the HTTP header. 

Basic authentication requires 4 steps:

  1. Create a string of: Username + ‘:’ + Password
    Example: “j.doe@email.com:password123”
  2. Encode that string with Base64.
    Example: “dG9tLndhbmxlc3NAY3ljbHIuY29tOnBhc3N3b3JkMTIz”
  3. Combine your encoded string with the word “Basic “.
    Example: “Basic dG9tLndhbmxlc3NAY3ljbHIuY29tOnBhc3N3b3JkMTIz” \
  4. Attach this final string to a request header called “Authorization”.

Luckily, Cyclr can do this automatically for you.

When the API receives a request, it will check for this “Authorization” header and decode the string to access your credentials. Below is a UML sequence diagram explaining this workflow.

API Key Authentication 

An API key is a string which can be attached to all your requests, allowing access to the API. This Key is unique for your API account.

An API Key can be attached as a Request Header, a Query String or even in the Request Body.

How can I use an API Key?

In Cyclr, you can select the API Key type authentication. This will create a header called ‘Authorization’ which has the API Key attached. If you want to rename that header, to say ‘ApiKey’ for example, you can do that in Cyclr when you set your Connector’s Authentication method.

What is OAuth2?

OAuth2 is an Authentication specification that uses a 2 / 3 stage process to authorize and authenticate a user.

The processes are:

  • Getting Client Consent – A user is trying to authorize an API within their App. A popup opens where the user can first sign in to the API, and then consent to allow their app to access the API using their credentials. When the popup closes, the window redirects back to the App with an Authorization code.
  • Getting an access_token – The user then swaps this authorization code with a ‘token’ EndPoint. The token EndPoint then returns a ‘token’ to the user.
  • Using the access__token – The user then uses their access_token with each request.

For a more in depth look at OAuth2 Authentication we recommend reading through this article on OAuth Authentication Flows.