API Authentication

Choreo Connect provides the ability to secure APIs in API level and resource levels. The following section would concisely guide you through the available security options in Choreo Connect. API security can be divided into two main categories; namely, Application-level security and Transport-level security.

By default, APIs are secured with application security. However, if you want to disable all security for API/resource, for more information, see Disabling Security.

Application Security

Application security can be provided in the API and resource levels. The following are the API authentication types granted by Choreo Connect.

Once authenticated, end-user attributes can be passed to the backend by enabling Backend JWT Generation.