Securing a Gloop API
By adding authentication to your Gloop APIs, you can limit their availability to certain users or groups. In order to add security to a certain Gloop API, be it SOAP or REST, follow the steps below:
- Open the Gloop API editor by double clicking on the target
.apifile from the Navigator view.
- Go to the Security tab of the editor.
Choose your authentication scheme(s) by ticking any of the values under Authentication Type. The choices are:
By default, your Gloop API has no authentication scheme set. This means that everybody can access your API and thus, you cannot specify a permitted Martini user or Martini group as that won't make much sense. If there are existing permitted Martini users or groups added to the API, the API will ignore them.
- OAuth 2.0
api.basic.authmust be set to
trueto make Basic authentication work
api.basic.authin your application
.propertiesfile should have a value of
trueor else, Basic authentication will not work. Changing this value during runtime will require an instance restart.
Add a Martini user or group.
When Basic, OAuth 2.0, or both authentication schemes are selected, you may add a Martini user or group by clicking the corresponding green, '+' button. Doing so would show either the Select User dialog or the Select Group dialog. From this dialog, you can proceed to selecting to whom the API is exposed to.
Configuring users and groups
To manage Martini users or groups, use the Users and Groups interface.
Save the changes by clicking on the save button or by pressing .