Skip to main content
PUT
/
o
/
{organisation_id}
/
systems
/
{system_id}
/
auth-scheme-configs
/
{auth_scheme_config_id}
Adds or updates an auth scheme for the system.
curl --request PUT \
  --url https://platform.versori.com/api/v2/o/{organisation_id}/systems/{system_id}/auth-scheme-configs/{auth_scheme_config_id} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "type": "none",
  "none": {
    "id": "<string>",
    "description": "<string>",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  },
  "apiKey": {
    "id": "<string>",
    "description": "<string>",
    "name": "<string>",
    "in": "query",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  },
  "basicAuth": {
    "id": "<string>",
    "description": "<string>",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  },
  "oauth2": {
    "id": "<string>",
    "description": "<string>",
    "tokenUrl": "<string>",
    "scopes": [
      {
        "name": "<string>",
        "description": "<string>"
      }
    ],
    "defaultScopes": [
      "<string>"
    ],
    "grant": {
      "type": "authorizationCode",
      "authorizationCode": {
        "credentialId": "<string>",
        "organisationId": "<string>",
        "clientId": "<string>",
        "clientSecret": "<string>"
      },
      "clientCredentials": {},
      "password": {
        "credentialId": "<string>",
        "organisationId": "<string>",
        "clientId": "<string>",
        "clientSecret": "<string>"
      }
    },
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ],
    "authorizeUrl": "<string>",
    "additionalAuthorizeParams": "<string>",
    "additionalTokenParams": "<string>",
    "mtlsEnabled": true,
    "mtlsCredentialId": "<string>",
    "pkce": true
  },
  "oauth1": {
    "id": "<string>",
    "description": "<string>",
    "consumerKey": "<string>",
    "consumerSecret": "<string>",
    "signatureMethod": "<string>",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ],
    "tokenAuth": true,
    "tempCredentialEndpoint": {
      "url": "<string>",
      "additionalParamConfigs": [
        {
          "parameterName": "<string>",
          "location": "LOCATION_IGNORE",
          "required": true,
          "modifiable": true,
          "targetName": "<string>",
          "usages": "USAGE_UNKNOWN"
        }
      ],
      "parameterTransmission": "AUTH_STYLE_AUTHORIZATION_HEADER"
    },
    "resourceOwnerAuthorizationEndpoint": {
      "url": "<string>",
      "additionalParamConfigs": [
        {
          "parameterName": "<string>",
          "location": "LOCATION_IGNORE",
          "required": true,
          "modifiable": true,
          "targetName": "<string>",
          "usages": "USAGE_UNKNOWN"
        }
      ],
      "parameterTransmission": "AUTH_STYLE_AUTHORIZATION_HEADER"
    },
    "tokenEndpoint": {
      "url": "<string>",
      "additionalParamConfigs": [
        {
          "parameterName": "<string>",
          "location": "LOCATION_IGNORE",
          "required": true,
          "modifiable": true,
          "targetName": "<string>",
          "usages": "USAGE_UNKNOWN"
        }
      ],
      "parameterTransmission": "AUTH_STYLE_AUTHORIZATION_HEADER"
    },
    "credentialId": "<string>"
  },
  "hmac": {
    "id": "<string>",
    "description": "<string>",
    "name": "<string>",
    "in": "query",
    "algorithm": "sha1",
    "digestInputs": [
      "body"
    ],
    "encoding": "hex",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  },
  "certificate": {
    "id": "<string>",
    "description": "<string>",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  }
}
'
{
  "type": "none",
  "none": {
    "id": "<string>",
    "description": "<string>",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  },
  "apiKey": {
    "id": "<string>",
    "description": "<string>",
    "name": "<string>",
    "in": "query",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  },
  "basicAuth": {
    "id": "<string>",
    "description": "<string>",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  },
  "oauth2": {
    "id": "<string>",
    "description": "<string>",
    "tokenUrl": "<string>",
    "scopes": [
      {
        "name": "<string>",
        "description": "<string>"
      }
    ],
    "defaultScopes": [
      "<string>"
    ],
    "grant": {
      "type": "authorizationCode",
      "authorizationCode": {
        "credentialId": "<string>",
        "organisationId": "<string>",
        "clientId": "<string>",
        "clientSecret": "<string>"
      },
      "clientCredentials": {},
      "password": {
        "credentialId": "<string>",
        "organisationId": "<string>",
        "clientId": "<string>",
        "clientSecret": "<string>"
      }
    },
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ],
    "authorizeUrl": "<string>",
    "additionalAuthorizeParams": "<string>",
    "additionalTokenParams": "<string>",
    "mtlsEnabled": true,
    "mtlsCredentialId": "<string>",
    "pkce": true
  },
  "oauth1": {
    "id": "<string>",
    "description": "<string>",
    "consumerKey": "<string>",
    "consumerSecret": "<string>",
    "signatureMethod": "<string>",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ],
    "tokenAuth": true,
    "tempCredentialEndpoint": {
      "url": "<string>",
      "additionalParamConfigs": [
        {
          "parameterName": "<string>",
          "location": "LOCATION_IGNORE",
          "required": true,
          "modifiable": true,
          "targetName": "<string>",
          "usages": "USAGE_UNKNOWN"
        }
      ],
      "parameterTransmission": "AUTH_STYLE_AUTHORIZATION_HEADER"
    },
    "resourceOwnerAuthorizationEndpoint": {
      "url": "<string>",
      "additionalParamConfigs": [
        {
          "parameterName": "<string>",
          "location": "LOCATION_IGNORE",
          "required": true,
          "modifiable": true,
          "targetName": "<string>",
          "usages": "USAGE_UNKNOWN"
        }
      ],
      "parameterTransmission": "AUTH_STYLE_AUTHORIZATION_HEADER"
    },
    "tokenEndpoint": {
      "url": "<string>",
      "additionalParamConfigs": [
        {
          "parameterName": "<string>",
          "location": "LOCATION_IGNORE",
          "required": true,
          "modifiable": true,
          "targetName": "<string>",
          "usages": "USAGE_UNKNOWN"
        }
      ],
      "parameterTransmission": "AUTH_STYLE_AUTHORIZATION_HEADER"
    },
    "credentialId": "<string>"
  },
  "hmac": {
    "id": "<string>",
    "description": "<string>",
    "name": "<string>",
    "in": "query",
    "algorithm": "sha1",
    "digestInputs": [
      "body"
    ],
    "encoding": "hex",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  },
  "certificate": {
    "id": "<string>",
    "description": "<string>",
    "validationMessages": [
      {
        "text": "<string>",
        "severity": "info",
        "detail": [
          "<string>"
        ]
      }
    ]
  }
}

Authorizations

Authorization
string
header
required

Bearer token authentication used by the Versori Platform. External consumers must provide an API key, however internal consumers must provide a JWT id_token issued by our IdP.

Path Parameters

organisation_id
string<ulid>
required
system_id
string<ulid>
required
auth_scheme_config_id
string
required

Body

application/json

An AuthSchemeConfig describes how credentials should be used to authenticate with a System, an example being where an API key should be sent and what the header/query parameter/cookie name is. For OAuth2, this config object also contains data such as the token URL, client ID and secret, and scopes to request. This type contains a string called type which denotes which field in this object should be populated. For example if the type is api-key, then the apiKey field will be populated with an AuthSchemeConfigAPIKey object.

type
enum<string>
required

Type is a unique identifier of the AuthScheme, this is a kebab-case formatted string, see enum values for possible options.

Available options:
none,
api-key,
basic-auth,
oauth2,
hmac,
jwt-bearer,
certificate,
oauth1,
secret
none
None · object

AuthSchemeConfigNone is a placeholder object with the schemeType set to none. There is no other configuration required.

apiKey
API Key · object

AuthSchemeConfigAPIKey defines how a Connector uses an API key credential to authenticate with the system.

basicAuth
Basic Auth · object

AuthSchemeConfigBasicAuth is a placeholder object with the schemeType set to basic-auth. There is no other configuration required.

oauth2
OAuth 2.0 · object

AuthSchemeConfigOAuth2 defines how a Connector uses an OAuth2 credential to authenticate with the system. This is to be used for all OAuth 2.0 flows which require a client ID and client secret as part of the Connector's configuration. Connectors which use the client_credentials grant type, where the user provides the Client ID and Client Secret at the point where they connect, should use the AuthSchemeConfigOAuth2ClientCredentials type instead.

oauth1
OAuth 2.0 · object
hmac
HMAC · object

AuthSchemeConfigHMAC defines how a Connector uses an HMAC credential to authenticate with the system.

This may be used on outbound requests to sign the request body, however it is more commonly used on inbound requests (i.e. from Webhook Triggers) to verify the sender of the request is allowed to invoke the Trigger.

certificate
TLS Certificate · object

AuthSchemeConfigCertificate is a placeholder object with the schemeType set to certificate. There is no other config required

Response

Created

An AuthSchemeConfig describes how credentials should be used to authenticate with a System, an example being where an API key should be sent and what the header/query parameter/cookie name is. For OAuth2, this config object also contains data such as the token URL, client ID and secret, and scopes to request. This type contains a string called type which denotes which field in this object should be populated. For example if the type is api-key, then the apiKey field will be populated with an AuthSchemeConfigAPIKey object.

type
enum<string>
required

Type is a unique identifier of the AuthScheme, this is a kebab-case formatted string, see enum values for possible options.

Available options:
none,
api-key,
basic-auth,
oauth2,
hmac,
jwt-bearer,
certificate,
oauth1,
secret
none
None · object

AuthSchemeConfigNone is a placeholder object with the schemeType set to none. There is no other configuration required.

apiKey
API Key · object

AuthSchemeConfigAPIKey defines how a Connector uses an API key credential to authenticate with the system.

basicAuth
Basic Auth · object

AuthSchemeConfigBasicAuth is a placeholder object with the schemeType set to basic-auth. There is no other configuration required.

oauth2
OAuth 2.0 · object

AuthSchemeConfigOAuth2 defines how a Connector uses an OAuth2 credential to authenticate with the system. This is to be used for all OAuth 2.0 flows which require a client ID and client secret as part of the Connector's configuration. Connectors which use the client_credentials grant type, where the user provides the Client ID and Client Secret at the point where they connect, should use the AuthSchemeConfigOAuth2ClientCredentials type instead.

oauth1
OAuth 2.0 · object
hmac
HMAC · object

AuthSchemeConfigHMAC defines how a Connector uses an HMAC credential to authenticate with the system.

This may be used on outbound requests to sign the request body, however it is more commonly used on inbound requests (i.e. from Webhook Triggers) to verify the sender of the request is allowed to invoke the Trigger.

certificate
TLS Certificate · object

AuthSchemeConfigCertificate is a placeholder object with the schemeType set to certificate. There is no other config required