Skip to main content
Version: Canary ๐Ÿšง

Access Authorization

In APIPark, subscribers subscribe to services based on applications. Each application has its own access authorization management. Once the subscription request is approved, users can use the application's access authorization information (such as API keys or tokens) to call the subscribed services. This ensures that applications adhere to security policies when calling APIs and prevents unauthorized access, ensuring the security and stability of the services.

Operation Demonstrationโ€‹

Configuring Access Authorizationโ€‹

  1. Select the application for which you need to configure access authorization and click to enter the inner page.

  1. Click Access Authorization, enter the authorization list page, and click the Add Authorization button.

  1. Choose an authentication method and fill in the relevant information. Below, Basic authorization is chosen:

Furthermore, the platform currently supports various authentication methods such as Apikey, JWT, and AK/SK, among others.

For different types of authentication methods, the relevant common configuration fields are as follows:

Field NameDescription
NameAuthentication identifier, it is recommended to use a meaningful name.
Parameter PositionThe parameter position where the authentication information is transmitted, supporting Query and Header.
Parameter KeyDefine from which key to retrieve the parameter value.
Expiration TimeAuthentication expiration time; if not set, it will never expire.
Hide Authentication InformationWhether to hide the authentication fields when forwarding to upstream services.

For more details on using authentication, you can refer to the tutorials below: