Skip to content

Authentication

Jump to bottom Edit New page
Anuja Kumar edited this page Oct 30, 2015 · 6 revisions

RESTFiddle supports authentication in APIs- APIs to access and operate on entities as well as external APIs.

Operations on Entities

In order to use the CRUD REST API of entities, you will first need to obtain an authentication token, which will need to be passed in for each request using the header.

Create Predefined Entity User. Create user and run Login User API. In response, authToken will be returned. This authToken will be used for further requests. Login User to get authToken

Copy this token and add it to header to request that you want to run. Pass key as authToken and this copied value as its value. Authenticate using authToken

###External APIs Select from the type of authentication listed under Auth section of request.

Authentication

OAuth 2 Support

There is yet another milestone achievement in RESTFiddle! We have successfully tested Google Plus API using this platform. That also means successful OAuth 2 authentication using RESTFiddle. We fetched a Google Plus profile using Google APIs. Here is what needs to be done:

  1. Obtain OAuth 2 credentials from the Google Developers Console: Visit the Google Developers Console(https://developers.google.com) to obtain OAuth 2.0 credentials such as a client ID and client secret that are known to both Google and our application i.e. RESTFiddle. The set of values varies depending on the type of application. For example, a JavaScript application does not require a secret, but a web server application does.

  2. Select OAuth 2 from the 'Auth' dropdown of the request. Enter Authorization Endpoint as https://accounts.google.com/o/oauth2/auth, enter the generated client ID and scope as 'profile'. Scope controls the set of resources and operations that an access token permits. Click 'Get Access Token'. Authentication is asked for in a new window. After logging in, the user is asked whether they are willing to grant the permissions that your application is requesting. User consent is required else you will get error.

OAuth Google

  1. Now you can see the Access Token returned by Google Authorization Server. RESTFiddle does the work of entering this token in HTTP authorization header. This token will be used in further API requests.

OAuth Google Access Token

  1. Now enter the request URL and run it. You can see the data returned by the request in the response section:

OAuth Google Access Token

OAuth Google Access Token

Refer http://blog.restfiddle.com/2015/01/there-is-yet-another-milestone.html for more details.

RESTFiddle is an Enterprise-grade API Management Platform for Teams. It helps you design, develop, test and release APIs.

Getting Started

Workspace

Project

Request Builder

Asserts

Request Header

Authentication

Activity Log

Starred

Tagging

Collaboration

Project Runner

PDF Report

API Builder

User Profile

WebSocket

Swagger

Clone this wiki locally