Designing API security
As part of the API design process, you will need to specify which consumers can access your API (authentication) and what they are allowed to do (authorization).
Information noteNote: Talend Cloud API Designer allows
you to define security parameters for design and documentation purposes, but security is
not implemented automatically when using the API definition in Talend Studio.
You may want to simply define a common security for your entire API, or choose a finer policy with a specific security for a critical resource.
You may also want to specify that certain operations are freely accessible without authentication.
Talend Cloud API Designer can handle all these cases with the main security types:
- Basic authentication
- Bearer authentication
- Digest authentication
- OAuth 1.0
- OAuth 2.0
- OpenID Connect
- Custom / API key
- Pass through
Cookie authentication is not supported.