Various auth providers are supported and can be added when performing actions on APIs. The FireTail platform provides support for multiple authentication providers, including JWT Bearer (HS, RS, ES, PS), Bearer Tokens, and API Keys. Once you configure the appropriate authentication method, the platform generates the authentication header each time the action runs. This allows you to authenticate your actions and securely test your APIs.
Supported authentication providers
The following types of authentication providers are supported:
JWT Bearer - RS
JWT Bearer - HS
JWT Bearer - ES
JWT Bearer - PS
Bearer Token
API Key
To create an auth provider:
Navigate to Integrations.
Select the Create Auth Provider tab.
Select the relevant auth provider.
Enter a name.
Follow the steps detailed below for each auth provider. When you're done, click Submit. Once the auth provider is set up, you can select it when creating an Action. Learn more about Actions.
JWT Bearer RS - RSA (RSASSA-PKCS1-v1_5) with SHA
Use this method when the API requires a JWT signed using the RSA algorithm.
Configuration:
Algorithm: Set to RSA-based algorithms like RS256.
Private (Secret) Key: Input the secret used to generate the JWT signature. The RSA private key should be in PKCS#8 PEM format.
Payload: The payload, entered in JSON format, contains the data to be included in the JWT token.
Request header value prefix: The request header value prefix, commonly set as "Bearer," is the text added before the token in the authorization header. This prefix is part of the HTTP request header format and helps indicate the type of authorization being used, but it is not included in the JWT itself.
JWT headers: Enter the JWT header.
Token Expiration: Tokens are valid for 1 hour by default.
JWT Bearer HS - HMAC with SHA
Use this method when the API requires a JWT signed using the HMAC algorithm.
Configuration:
Algorithm: Set to HMAC-based algorithms such as HS256.
Secret: The secret used to sign the JWT token.
Secret Base64 encoded: Enable if the secret is base64 encoded.
Payload: Define the JWT payload (e.g., sub, iss, aud).
Request header value prefix: The request header value prefix, commonly set as "Bearer," is the text added before the token in the authorization header. This prefix is part of the HTTP request header format and helps indicate the type of authorization being used, but it is not included in the JWT itself.
JWT headers: Enter the JWT header.
Token Expiration: Tokens are valid for 1 hour by default.
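As an added illustration (not FireTail's own code), the sketch below shows how the HS fields above could combine into a request header, and why the "Secret Base64 encoded" setting must match what the API expects. The function names, the use of `iat`/`exp` claims for the one-hour lifetime, and the sample secret are assumptions made for this example.

```python
import base64, hashlib, hmac, json, time

def b64url(data: bytes) -> str:
    """Base64url without padding, as JWS (RFC 7515) requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def build_auth_header(secret, payload, *, secret_is_base64=False, prefix="Bearer",
                      extra_headers=None, ttl_seconds=3600, now=None):
    """Return (header_value, token) for an HS256-signed JWT."""
    # "Secret Base64 encoded": decode first, otherwise sign with the literal text.
    key = base64.b64decode(secret) if secret_is_base64 else secret.encode("utf-8")
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT", **(extra_headers or {})}
    claims = {**payload, "iat": now, "exp": now + ttl_seconds}  # assumed 1 hour lifetime
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode("utf-8"))
        for part in (header, claims))
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    token = f"{signing_input}.{b64url(sig)}"
    # The prefix belongs to the HTTP header value, not to the JWT itself.
    return f"{prefix} {token}", token

def verify(token, key, *, now=None):
    """API side: pin the algorithm, compare the MAC in constant time, check exp."""
    head_b64, claims_b64, sig_b64 = token.split(".")
    if json.loads(b64url_decode(head_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{claims_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(claims_b64))
    if claims["exp"] <= (int(time.time()) if now is None else now):
        raise ValueError("token expired")
    return claims

if __name__ == "__main__":
    # Constructed sample: "c2VjcmV0" is base64 for the bytes b"secret".
    value, token = build_auth_header("c2VjcmV0", {"sub": "svc-test"},
                                     secret_is_base64=True)
    print("Authorization:", value)
    print(verify(token, b"secret"))
```

If the provider signs with the literal text `c2VjcmV0` while the API decodes its copy of the secret to `secret` (or the reverse), every request fails signature verification even though both sides hold the "same" secret.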
JWT Bearer ES - ECDSA with SHA
Use this method when the API requires a JWT signed using the ECDSA algorithm.
Configuration:
Algorithm: Set to ECDSA-based algorithms like ES256.
Private (Secret) Key: Input the secret used to generate the JWT signature. The ECDSA private key should be in PKCS#8 PEM format.
Payload: The payload, entered in JSON format, contains the data to be included in the JWT token.
Request header value prefix: The request header value prefix, commonly set as "Bearer," is the text added before the token in the authorization header. This prefix is part of the HTTP request header format and helps indicate the type of authorization being used, but it is not included in the JWT itself.
JWT headers: Enter the JWT header.
Token Expiration: Tokens are valid for 1 hour by default.
JWT Bearer PS - RSASSA-PSS with SHA
Use this method when the API requires a JWT signed using the RSASSA-PSS algorithm.
Configuration:
Algorithm: Set to PS-based algorithms like PS256.
Private (Secret) Key: Input the secret used to generate the JWT signature. The RSA private key should be in PKCS#8 PEM format.
Payload: The payload, entered in JSON format, contains the data to be included in the JWT token.
Request header value prefix: The request header value prefix, commonly set as "Bearer," is the text added before the token in the authorization header. This prefix is part of the HTTP request header format and helps indicate the type of authorization being used, but it is not included in the JWT itself.
JWT headers: Enter the JWT header.
Token Expiration: Tokens are valid for 1 hour by default.