API Authentication

Nected provides authentication configuration and authentication keys, available under credentials tab, to ensure the absolute safety of your data.

Authentication Config

If you need to call an authenticated API (internal or 3rd party), you can create a REST API Integration that will automatically authenticate the endpoint when it is called. Authenticated API Integrations automatically fetch a token if needed and manage the caching of the tokens.

Authentication is checked directly before each API execution. When an API is executed in Superblocks, the execution environment first checks to see if non-expired tokens are cached. If not, the tokens are refreshed.

You can generate a new authentication configuration using the +New Authentication button.

Nected supports the following two types of authentication configuration:

1. Bearer Token

Use this option from the list of available authentication configuration options to authenticate using a bearer token, which are used for HTTP authentication. Provide a private authentication key while creating a token, which will be used while executing the API using a bearer token.

Anytime you use this integration, the Token value will be appended to the text Bearer in the required format to the request Authorization header as follows Authorization: Bearer <Your API Key>.

2. API Key

API Key auth lets you send a key-value pair to the API either in the request Header or Query Parameters. To authenticate using an API Key, choose this option from the list of available authentication methods. In the Key field, specify the Header key or Query Parameter that will be used. In the Value field, enter the API Key.

Anytime you use this integration, the relevant information will be appended to your request Headers or the URL query string.

Authentication Keys

Authentication Keys are Nected-generated API keys that are used to secure API calls to trigger Nected Rules.

Refer to the Triggering a Rule using an API page to know how to configure & secure Rule API to use one of these API keys.

Once Rule API is marked as Private, you can use any of the Authentication keys to pass in the header to authenticate Rule API. API Keys would be common for all environments, though you can use different authentication methods for staging and production environments.


If you pass invalid API keys in Rule API marked as Private, it will throw an "unauthorized access" error

Nected provides a pre-configured authentication key, named Auth_key_1. You can generate a new authentication key using the + Generate Key button.

The following figure shows the Credentials page of the Nected platform:

You can update the authentication key name and click Update to modify the name of the key. Use the delete icon and confirm the delete operation to delete an existing authentication configuration or authentication key.

OAuth 2.0

To integrate any 3rd party Apps supporting only OAuth 2.0, this is authentication method that you can use while setting API connectors for those Apps. To know more around different types of OAuth and step-wise guide, click here.

Last updated