Authentication methods refer to the processes and mechanisms used to verify the identity of a user, system, or application attempting to access a resource or service. Below, we list the methods supported by the Yalo integration platform.
Basic Authentication
Basic Authentication is a simple authentication scheme built into the HTTP protocol. The client sends a HTTP header with the word 'Basic' followed by a space and a base64-encoded string username:password. Due to its simplicity, it's not considered the most secure method and should be used over HTTPS to encrypt the credentials.
Bearer token
This method means that no traditional authentication is required. Instead, API tokens are used. An API token is a unique identifier of an application requesting access to a service. It's a secret, and it should be protected. When a client sends a request, it includes the API token, and the server will validate it. It's essential to use this method over HTTPS to ensure the token's security.
OAuth 2.0
OAuth 2.0 is an authorization framework that allows third-party applications to obtain limited access to user accounts on an HTTP service. It works by delegating user authentication to the service that hosts the user account and authorizing third-party applications to access the user account. OAuth 2.0 provides several grant types, including authorization code, implicit, password, and client credentials