Connection Strings: HTTP/S

This section provides an overview of various configuration settings available with DataZen to authenticate with HTTP/S services, such as cloud platforms, social media endpoints, or other Web APIs.

No Authentication

Enter the service URI to call. Although this is generally also the service endpoint, certain HTTP/S endpoints have a different URI for authentication. This URI should be the one used to authenticate.

This screenshot shows you how to configure an HTTP/S endpoint that does not require authentication.

Avoiding a trailing '/' at the end of the URI can make it easier to configure HTTP / REST calls on other screens.

See the Rate Limiting section for information on how to control the frequency of HTTP/S calls.

API Key Authentication

For HTTP/S Services that require an authentication key, choose API Key for the authentication mode. This setting requires two values: the key name and its value (the secret).

By default, this API Key is provided as an HTTP Header. Click on the Send as Query String... to send the API Key and Secret as a query parameter instead.

If the secret provided needs to be Base64 encoded, click on the Encode Secret... option.

Example: ActiveCampaign

The ActiveCampaign service uses API Keys for authentication.

  • URI: https://COMPANYNAME.api-us1.com/api/3/
  • Authentication: API Key
  • Parameter: Api-Token
  • API Key: SECRET provided by ActiveCampaign

Basic Authentication

For HTTP/S Services that require user authentication, choose Basic. This setting requires two values: the User ID and a password.

This authentication mechanism always uses an Authorization HTTP Header.

If the secret provided needs to be Base64 encoded, click on the Encode Secret... option.

Example: Twilio

The Twilio service uses Basic Auth for authentication.

  • URI: https://api.twilio.com
  • Authentication: Basic Auth
  • User Id: Your Twilio Account Id
  • Password: SECRET provided by Twilio
  • Base64-Encoding: Yes

Token Authentication

For HTTP/S Services that use Token based authentication, choose Token. This setting requires one value: the token value.

This authentication mechanism always uses an Authorization HTTP Header.

If the secret provided needs to be Base64 encoded, click on the Encode Secret... option.

Bearer Authentication

For HTTP/S Services that use Bearer authentication, choose Bearer. Bearer authentication can be complex to setup but is considered more secure. Most services require a Bearer Token; some also use Refresh Tokens to generate new Bearer Tokens over time.

The following Bearer Token grant modes are supported:

  • Authorization Code: this flow requires you to first authenticate to the service using a browser and approve access to your account. To issue tokens using this method, click on the Obtain OAuth Token... link.
  • Implicit: Some services do not require user authorization; instead tokens are generated directly using application secrets provided by the service. To issue tokens using this method, click on the Obtain OAuth Token... link.
  • Service Tokens: Some services (such as Twitter) provide long-lived Bearer Tokens directly; they are created once by the service and never change; when using long-lived bearer tokens, simply copy and paste the token in the Bearer Token field.

DataZen supports the creation of Bearer Tokens using client-flow authentication. If the service uses client-flow authentication, see the OAuth Tokens section for more information.

Some services, such as Twitter or MailChimp require you to first create an Application in your account, or in a developer account you created with the service provider. In some cases, it may take a few days for your application to be approved. Contact us for assistance if needed.

Session/Custom (JWT) Authentication

For HTTP/S Services that use session-based authentication such as a JWT token, choose Session/Custom. Configuring JWT Tokens is possible and requires the use of a Private Key.

Session Endpoint

Enter the necessary information to call the session endpoint, such as its URI and the payload it requires for POST/PUT operations. The payload can use the {jwt} token as a replacement parameter. For example, the Google Analytics API uses this payload:

grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion={jwt}

JWT Security Token

If the service endpoint returns a security token, check the Endpoint returns a security token; this option provides additional options to read the token and use it as the authentication token. The Response Node is the path to use within the JSON or XML document returned in which the token will be found. The token can either be used as Bearer Token header or as part of a Query Parameter for which the parameter name needs to be specified.

Using the JWT Payload Setup Screen

When a JWT token is used, click on Build JWT Token... to setup the token. You will need to specify the correct settings as required by the Session endpoint. This sample screen shows you the Google Analytics GA4 settings, with custom claims.