Keys

in order to communicate with a web page and perform actions, we need to establish a connection to the server via http, we call it a key create a key step 1 add keys in engini enter your engini account at https //app engini io navigate to the connections page by clicking on 'connections' in the left sidebar, where the red rectangle is, or simply click here step 2 add a new key if it’s your first key, you have 2 options click on 'new key' or click on 'create a new key' on the page step 3 enter the details after clicking on 'add key' or 'create new key', populate the fields in the pop up window basic authorization note key name, base url and additional header are records that will be in all kinds of the authorizations key name fill the name of the key base url u niform r esource l ocator this identifies the location of the resource being requested on the web server it typically includes the protocol (e g , http // or https //), the domain name or ip address of the server, and the path to the specific resource on the server enter the url you want to authorize to authorization type in basic authorization (by default) the client includes a username and password the server then verifies the provided credentials against a known list of usernames and passwords to authenticate the client it is used to ensure that only authorized users or applications are allowed to access certain resources or perform specific actions on a web server choose the type of the authorization username enter the username in the blank field it is important to note that you fill in the username of the api user and not just a user without api access privileges password enter the password in the empty field ssl certificate verification setting ssl certificate verification to true or false determines whether the client verifies the server’s ssl certificate communication channel choose the appropriate connection type based on your setup cloud if you are connecting to a database hosted in a cloud environment, select “cloud” opa if your database is on premises and you are using an on premises agent (opa) for the connection, select “opa” in this case, an additional field will appear on prem agent choose the specific on premises agent that you want to use for this connection if you have multiple agents configured additional header additional metadata about the request, such as the type of data the engini can accept, the length of the request body, and authentication information each header consists of a key value pair, where the key is the name of the parameter, and the value is the data associated with that parameter click on the “add headers” button to add an header click on the key field to enter the key, and on the value field to enter a value save click on “save” button to save the key bearer authorization note key name, base url and additional header are records that will be present in all authorizations you can refer to basic authorization to see their usage authorization type bearer token authorization is a method used for allowing access to resources by presenting a token in the http authorization header token the token is used to authenticate the client on the server bearer tokens are usually long strings of characters, and they do not include any information about the user or client in the token itself instead, the server tracks the relationship between the token and the authorized user or client enter the token in the empty field save click on “save” button to save your key oauth 1 0 authorization authorization type oauth 1 0 is a version of oauth (open authorization) that enables secure access to use oauth 1 0 authorization, you configure various parameters to ensure secure authentication and authorization add authorization to this field allows you to specify where to include oauth 1 0 authorization information you can add it to the request headers or the request url signature method defines the method used to sign the oauth 1 0 request the most used signature method for this authorization is hash based message authentication code with sha (hmac sha) hmac sha256 is used for creating secure message authentication codes (16 bytes code) hmac sha512 is used for creating secure message authentication codes (32 bytes code) consumer key this key, also known as an api key or client key, is used to uniquely identify and authenticate the application when making requests to access protected resources or apis consumer secret the consumer’s secret is used for identification with the service provider it is known only to your application and the authorization server, and it used to sign the request access token an access token is a temporary credential that grants your application access to a user’s protected resources on the service it is essential for oauth’s security system, providing secure and restricted access to protected resources token secret similar to the consumer secret, the token secret is a secret key associated with the access token it’s used to sign the request alongside the consumer secret it makes sure the person or device has the right to access specific resources callback url the destination to which the service provider redirects after obtaining authorization verifier the verification code given by the service provider after obtaining the authorization it is used as part of the access token acquisition process and helps in confirming the identity of the user nonce a string provided by a client to enhance the security of urls version specify the version of oauth in this case the version is 1 0 realm a string, provided by the server, typically contains the name of the host or server responsible for authentication it may also include additional information regarding the group of users who are eligible for access the purpose of the “realm” parameter is to provide context of the authentication it’s often left empty or set to a specific value depending on the service’s requirements include body hash selecting this option (true) enables an integrity check for request bodies of various content types and includes the oauth body hash parameter in the request setting this to “true” means adding an extra layer of security add empty parameters to signature if you select this option, any empty fields listed above will be included in the authorization encode the parameters into authorization header – only found in the request headers (as mentioned in 2 ) if set to “true,” the oauth parameters are included in the request’s authorization header this is a common way to send oauth parameters save click on “save” button to save your key