8 dépôts
Support for various standard authentication methods like Basic, OAuth, and Digital Certificates.
Distinct from Secure HTTP Authentication: Covers a broad set of authentication schemes rather than just the combination of Basic and Certificates.
Explore 8 awesome GitHub repositories matching security & cryptography · API Authentication Schemes. Refine with filters or upvote what's useful.
Rest-assured is a Java-based REST API testing framework and HTTP client library designed for automating web service tests. It provides a fluent domain-specific language and assertion library to send HTTP requests and validate response metadata, including status codes, headers, cookies, and bodies. The framework is distinguished by a method-chaining DSL that creates readable specifications for API interactions. It features a filter-based request interception pipeline, object-mapping serialization for converting Java objects to JSON or XML, and a path-based parsing system to isolate specific fi
Supports multiple security schemes including Basic, OAuth, and Certificates to secure outgoing API calls.
This is a Visual Studio Code extension that lets developers compose, send, and inspect HTTP requests directly from within the editor. It uses .http and .rest files as executable request definitions, parsing each block of text into a complete HTTP request that is dispatched via Node.js built-in HTTP modules without requiring a separate server process. The extension renders full HTTP responses with syntax-highlighted body, status line, and headers in a dedicated editor tab or side panel. The extension supports multiple authentication schemes including Basic, Digest, SSL certificates, Azure
Supports multiple authentication schemes including Basic, Digest, SSL, Azure AD, and AWS Signature v4.
TypeSpec is a language for defining cloud API shapes and generating OpenAPI, JSON Schema, and client/server code from a single source of truth. It functions as a protocol-agnostic API designer that models REST, gRPC, and other API protocols using a unified, extensible syntax, with a decorator-based metadata system for attaching metadata, validation rules, and lifecycle visibility to API models and operations. The compiler produces OpenAPI 3.0 specifications and other artifacts, and the tool supports declaring API versions and tracking changes to models, properties, and operations across releas
Declares which security mechanism protects each API endpoint in the service definition.
Ce projet est une pile d'identité .NET et un framework de serveur utilisé pour construire des fournisseurs d'identité OpenID Connect et OAuth 2.0 certifiés. Il fournit la logique de base requise pour émettre et valider des jetons de sécurité et gérer l'authentification des utilisateurs à travers divers types de subventions et flux de protocole. Le framework inclut une couche de traduction de protocole qui relie OpenID Connect et SAML pour permettre l'interopérabilité entre différents fournisseurs d'identité. Il prend également en charge un mode de fonctionnement sans état, qui supprime la validation et le stockage intégrés pour permettre un contrôle manuel sur la vérification des jetons et des clients. Le système couvre un large éventail de capacités, notamment le contrôle d'accès API par le biais d'un middleware de validation de jeton et l'intégration d'identité multiplateforme pour les applications de bureau et mobiles. Il dispose d'un pipeline de traitement de requête personnalisable avec des fournisseurs de persistance enfichables pour stocker les données d'identité et mettre en cache les demandes d'autorisation.
Associates specific provider names with security schemes to trigger correct authentication operations during login.
Connexion is a specification-driven framework for building APIs that automatically maps OpenAPI specifications to application logic. It uses these specifications to automate routing, request validation, and response serialization, linking API operations to backend handler functions via operation IDs. The project differentiates itself by providing a schema-driven mock server that simulates API behavior using example responses from the specification without requiring backend logic. It also includes a dynamic documentation hosting system that translates the API specification into a live interact
Supports complex security requirements by combining multiple authentication schemes using logical AND operations.
RAML is a declarative YAML-based specification language used for modeling RESTful interfaces and data structures. It functions as a contract-first API framework and modeling standard, establishing a formal agreement for service communication and a single source of truth before implementation begins. The specification enables the automation of functional mock servers and the generation of language-specific client SDKs directly from the definition files. It supports a modular approach to API design through the use of external libraries, overlays for extending contracts, and reusable traits and
Defines standard authentication mechanisms including Basic and OAuth to be applied globally or per resource.
This is a desktop HTTP client application used for constructing, sending, and analyzing HTTP and GraphQL requests. It provides a graphical interface for API development and testing, including a dedicated GraphQL client with schema-driven autocomplete and validation. The project features an integrated AI assistant that generates API requests from natural language prompts. It supports a complex organization system of spaces and collections with hierarchical authentication inheritance and recursive variable resolution for dynamic request values. The tool covers a broad range of capabilities, in
Sets security credentials using Basic, Bearer token, or API key schemes.
utoipa is a Rust API documentation tool used to generate machine-readable OpenAPI specifications. It functions as a specification generator and schema mapper that converts Rust structs and enums into compliant OpenAPI schemas. The project distinguishes itself by using procedural macros and traits to automate metadata extraction from code. It supports complex data modeling, including generics, polymorphism, and recursive type resolution, while synchronizing field renaming and tagging from serialization attributes. It also enables the composition of modular specifications, allowing multiple sma
Defines authentication schemes such as OAuth2 and API keys within the service specification.