Authentication deals with understanding who is requesting a resource. It is distinct from authorization, which deals with whether or not an authenticated entity is allowed to access a resource. This section is concerned with authentication.
Types of Authentication
You can interact with Nexus211 in two modes: as an Application, or as a Profile.
Applications
A registered Nexus211 app can use Basic Auth method to authenticate itself.
The username is the app's Client ID and the password is Client Secret.
If the app wants to act on behalf of on another organization, it can do so by using the Client Secret granted by following the "Third-party Apps" flow.
import * as axios from "axios";
const nexus211Api = axios.create({
baseURL: "https://api.nexus211.com",
auth: {
username: "Nexus211 client ID",
password: "Nexus211 client Secret",
},
});
Profiles
Profile authentication is possible only using the OAuth flow. To achieve that, you must first create an Application. This Application should initiate the OAuth flow with the proper parameters.
At the end of the OAuth flow, you'll receive an access token. You can pass this token to Nexus211 like so:
import * as axios from "axios";
const token = "access token acquired using OAuth";
const nexus211Api = axios.create({
baseURL: "https://api.nexus211.com",
headers: {
Authorization: `Bearer ${token}`,
},
});
💡 When you are authenticated as a Profile, certain endpoints might be disallowed depending on the Profile's role.