API object security scheme

The API object has a security scheme that allows you to configure authentication and authorization.

Security in API objects through GAM works in the same way as in other objects that expose REST services. That is, you must enable security for the model by setting the Enable Integrated Security property to True at the KB version level and then selecting Rebuild All. Then, in the API object, you must configure the Integrated Security Level property by specifying whether you want Authentication or Authorization.

Secure REST API

In your API object, set the REST Protocol property to True.

Detailed steps at: HowTo: Defining an API object with a security scheme

Furthermore, the GAM Authentication and Authorization scenarios in the API object use the OAuth 2.0 protocol. Therefore, in the GAM Backend applications you have to select the "Allow authentication v.2.0?" and the "Can get user roles?" checkboxes.

Detailed steps at: HowTo: Configuring the API object security scheme

Prototype the REST API

In your API object, make sure that the Generate OpenAPI interface property is set to Yes. After that, press F5, and GeneXus will generate the YAML file with the security information.

Now, you can use features like the Launchpad Tool Window to prototype the REST API. When using those tools, you must paste the Client Id and Client Secret information taken from the GAM Backend.

Note: You should keep in mind that the Client Id is the Application Identifier in GAM (GAM - Applications), and you can have more than one Client Id in GAM.

Detailed steps at: HowTo: Access secure REST services defined via API Objects
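
To confirm that the security information in the generated YAML file covers every operation, the following added example (not GeneXus code or output) parses an OpenAPI document and reports operations with no effective security requirement, plus requirement names that match no declared scheme. The sample document, scheme name, scope and token URL are constructed, and the script assumes standard Swagger 2.0 / OpenAPI 3 `security` semantics.

```ruby
require 'yaml'
HTTP_METHODS = %w[get put post delete options head patch trace].freeze

# Constructed sample document, not real GeneXus output.
SAMPLE = <<~YAML
  swagger: "2.0"
  securityDefinitions:
    OAuth2: {type: oauth2, flow: password, tokenUrl: "https://example.invalid/token"}
  security:
    - OAuth2: [example_scope]
  paths:
    /Customers:
      get: {summary: inherits the top-level requirement}
      post:
        security: []                          # override removes the requirement
    /Status:
      get:
        security: [{}]                        # empty requirement: anonymous allowed
    /Orders:
      get:
        security: [{OAuth: [example_scope]}]  # name matches no declared scheme
YAML

# Every ["VERB /path", operation] pair under `paths`.
def operations(doc)
  (doc['paths'] || {}).flat_map do |path, item|
    item.select { |verb, _| HTTP_METHODS.include?(verb) }
        .map { |verb, op| ["#{verb.upcase} #{path}", op || {}] }
  end
end

# Operations callable without credentials. An operation-level `security`
# key replaces the top-level one; nil, [] or a `{}` entry means no auth needed.
def unsecured_operations(doc)
  operations(doc).map do |label, op|
    effective = op.key?('security') ? op['security'] : doc['security']
    label if effective.nil? || effective.empty? || effective.any?(&:empty?)
  end.compact
end

# Scheme names used in requirements but not declared (Swagger 2.0 or OpenAPI 3 location).
def undeclared_schemes(doc)
  declared = (doc['securityDefinitions'] || doc.dig('components', 'securitySchemes') || {}).keys
  reqs = [doc['security']] + operations(doc).map { |_, op| op['security'] }
  reqs.compact.flatten.flat_map(&:keys).uniq - declared
end

doc = YAML.safe_load(ARGV.empty? ? SAMPLE : File.read(ARGV[0]))
puts "No effective security: #{unsecured_operations(doc).inspect}"
puts "Undeclared schemes: #{undeclared_schemes(doc).inspect}"
```

Pass the path of the generated YAML file as the first argument to audit it instead of the built-in sample.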

See Also

HowTo: Defining an API object with a security scheme
HowTo: Configuring the API object security scheme
HowTo: Access secure REST services defined via API Objects