Unless the API you want to extract from is completely public, you need an authentication and possibly also an authorization method. There are many authentication methods available. Generic Extractor supports the following ones:
Authorizationheader of each API request.
Use the authentication method supported by the target API. If the API supports multiple authentication methods, the URL Query and Basic HTTP methods are the easiest to set up; but they are also the least secure.
An example authentication configuration looks like this:
Generic Extractor also supports authentication using the OAuth standard. Due to the principles of OAuth, this authentication method is supported only for published components. The OAuth protocol defines a scheme in which credentials are exchanged between the following:
The OAuth specification defines what kind of information is exchanged in which steps. It is not a precise
specification and leaves quite some freedom to the implementation. Also, there are two versions of
OAuth — 1.0 and 2.0. They are completely incompatible (both the authentication steps and the exchanged fields differ).
Both OAuth 1.0
and OAuth 2.0
are supported by Generic Extractor. If you are developing a new component using Generic Extractor
templates and want to use and test OAuth authentication,
inject the necessary credentials simply by passing them
authorization property of the configuration.