Create an Auth provider

Created:
November 25, 2024
Updated:
December 9, 2024

Various auth providers are supported and can be added when performing actions on APIs. The FireTail platform provides support for multiple authentication providers, including JWT Bearer (HS, RS, ES, PS), Bearer Tokens, and API Keys.  By configuring the appropriate authentication method, when the action runs it will generate a header for the authentication.  This allows you to authenticate your actions and securely test your APIs.

Supported authentication providers

The following types of authentication providers are supported:

  • JWT Bearer - RS 
  • JWT Bearer - HS
  • JWT Bearer - ES
  • JWT Bearer - PS
  • Bearer Token
  • API Key

To create an auth provider:

  1. Navigate to Integrations.
  2. Select the Create Auth Provider tab.
  3. Select the relevant auth provider.
  4. Enter a name.

Follow the steps detailed below for each auth provider. When you're done, click Submit. When the auth provider is set up, you will be able to select this when creating an Action. Learn more about Actions

JWT Bearer RS - RSA (RSASSA-PKCS1-v1_5) with SHA

Use this method when the API requires a JWT signed using the RSA algorithm.

Configuration:

  • Algorithm: Set to RSA-based algorithms like RS256.
  • Private (Secret) Key: Input the secret used to generate the JWT signature. The RSA private key should be in PKCS#8 PEM format.
  • Payload: The payload, entered in JSON format, contains the data to be included in the JWT token.
  • Request header value prefix: The request header value prefix, commonly set as "Bearer," is the text added before the token in the authorization header. This prefix is part of the HTTP request header format and helps indicate the type of authorization being used, but it is not included in the JWT itself.
  • JWT headers: Enter the JWT header.

Token Expiration: Tokens are valid for 1 hour by default.

Generated Header Example

{  "Authorization": "Bearer <generated_access_token>"}

JWT Bearer HS - HMAC with SHA

Use this method when the API requires a JWT signed using the HMAC algorithm.

Configuration

  • Algorithm: Set to HMAC-based algorithms such as, HS256.
  • Secret: The secret used to sign the JWT token.
  • Secret Base64 encoded: Enable if the secret is base64 encoded.
  • Payload: Define the JWT payload (e.g., sub, iss, aud).
  • Request header value prefix: The request header value prefix, commonly set as "Bearer," is the text added before the token in the authorization header. This prefix is part of the HTTP request header format and helps indicate the type of authorization being used, but it is not included in the JWT itself.
  • JWT headers: Enter the JWT header.

Token Expiration: Tokens are valid for 1 hour by default.

Generated Header Example

{  "Authorization": "Bearer <generated_access_token>"}

JWT Bearer ES - ECDSA with SHA

Use this method when the API requires a JWT signed using the ECDSA algorithm.

Configuration:

  • Algorithm: Set to ESDSA-based algorithms like ES256.
  • Private (Secret) Key: Input the secret used to generate the JWT signature. The ECDS private key should be in PKCS#8 PEM format.
  • Payload: The payload, entered in JSON format, contains the data to be included in the JWT token.
  • Request header value prefix: The request header value prefix, commonly set as "Bearer," is the text added before the token in the authorization header. This prefix is part of the HTTP request header format and helps indicate the type of authorization being used, but it is not included in the JWT itself.
  • JWT headers: Enter the JWT header.

Token Expiration: Tokens are valid for 1 hour by default.

Generated header example

{  "Authorization": "Bearer <generated_access_token>"}

JWT Bearer PS - RSA (RSASSA-PSS) with SHA

Use this method when the API requires a JWT signed using the RSASSA-PSS algorithm.

Configuration:

  • Algorithm: Set to PS-based algorithms like RS256.
  • Private (Secret) Key: Input the secret used to generate the JWT signature. The RSA private key should be in PKCS#8 PEM format.
  • Payload: The payload, entered in JSON format, contains the data to be included in the JWT token.
  • Request header value prefix: The request header value prefix, commonly set as "Bearer," is the text added before the token in the authorization header. This prefix is part of the HTTP request header format and helps indicate the type of authorization being used, but it is not included in the JWT itself.
  • JWT headers: Enter the JWT header.

Token Expiration: Tokens are valid for 1 hour by default.

Generated Header Example

{  "Authorization": "Bearer <generated_access_token>"}

Bearer token

Use this method when the API requires a simple bearer token for authentication.

Configuration

  • Token: Provide the token value. This is the token used for authentication. 

Generated header example

{  "Authorization": "Bearer <token>"}

API Key

Use this method when the API requires an API key passed as a custom header.

Configuration

  • Header Name: Specify the name of the header (e.g., x-api-key).
  • Header Value: Provide the API key value used for authentication.

Generated header example

For a header name of x-api-key and a value of 123456:

{"x-api-key": "123456"}