Locoia
  • Overview
  • Account and User Settings
    • User types
    • Adding Users
    • Teams
    • Access Permissions
    • 2 Factor Authentication 2FA
    • Versioning and Snapshots
    • Activity Log
  • Reset your Password
  • Invoices and Payments
  • Automation
    • Flow Builder
      • Flow Building Best Practices
      • Jinja Template Language
        • Jinja: (Custom) variables, wildcards and functions
        • Magic Code Samples
      • Connectors & APIs
        • Titles and References
        • Referencing data of objects, lists, arrays - how to pass data dynamically
        • Accessing Objects with JSONPath
        • Merging nested JSON objects
        • Parsing JSONs from String
        • Response Headers & Status Codes
        • Custom Data Fields
        • Wildcard API calls and actions
        • Response cleaning
      • Text Strings, Date & Time, Numbers and Currencies
        • Text and Strings
        • Dates & Time
        • Numbers (Thousand Separators, Currencies)
      • Email-formatting
      • Code Fields
      • Running single Flow steps
      • Flow run data retention, logging, and error notifications
      • Advanced View
      • Dynamic Title
      • Custom Error Handling
      • Error Handling Flows
      • Automatic Pagination
    • Flow Debugger
      • Automatic Retrying
      • Run Flows again
      • Troubleshooting Flows
    • Community Library
  • Connectors & Helpers
    • Connectors
      • Monday.com
      • ActiveCampaign
      • Aircall
      • Allthings
      • Amplitude
      • Animus
      • Assetti
      • Awork
      • AWS RDS Database - How to connect
      • bubble.io
      • Casavi
      • Chargebee
      • CleverReach
      • comgy
      • commercetools
      • Everreal
      • Exact Online
      • Facebook Marketing
      • Fahrländer Partner
      • FastBill
      • FILESTAGE.io
      • Freshdesk
      • Freshsales
      • Google Ads
      • Google Ads Lead Form
      • Google Analytics
      • Google Chat
      • Google Drive
      • Google Sheets
      • Gmail
      • HubSpot
      • Heyflow
      • iDWELL
      • ImmobilienScout24
      • Instagram Ads
      • Intercom
      • klaviyo
      • Kiwi Opening Doors
      • Klenty
      • Klipfolio
      • Kolibri CRM
      • konfipay
      • KUGU
      • Shopify
      • S3 AWS
      • SQS AWS
      • Lambda AWS
      • Learnster
      • lexoffice
      • LineMetrics
      • Linkedin
      • Locoia
      • Notion
      • MailGun
      • Makula
      • Microsoft Dynamics 365
      • Microsoft OneDrive
      • MixPanel
      • MongoDB
      • Odoo
      • OnFleet
      • OnOffice
      • Oracle NetSuite
      • Outbrain
      • Quickbooks
      • Trello
      • PandaDoc
      • Personio
      • Pinterest Ads
      • Pipedrive
      • Plentific
      • PriceHubble
      • relay
      • REALCUBE
      • Sage ERP
      • Salesforce
      • SAP
      • Scoro
      • Seafile
      • sevDesk
      • SharePoint
      • SharpSpring
      • Slack
      • Snapchat Marketing
      • Snowflake
      • Teamleader Focus
      • Teamwork.com
      • Tableau
      • TikTok
      • TinQwise
      • The Trade Desk
      • Twitter
      • Typeform
      • WordPress
      • Xero
      • Youtube
      • Zendesk
      • Zoho CRM
      • Zoom
    • Helpers
      • Scheduler
      • Webhook
      • Dict Helper
      • Spreadsheet Helper
      • REST Helper
      • Boolean Helper
      • Multi Case Helper
      • Looper
      • FTP Helper
      • CSV Helper
      • XLSX Helper
      • Mail Sender
      • Flow Trigger
      • File Storage Helper
      • Terminate Helper
      • Delay Helper
      • SQL Connector
      • PDF Helper
      • Zip Helper
      • Data Warehouse Helper
      • XML Helper
      • Form Helper
      • Arrow
      • Error Arrow
    • Authentication Types Available
      • Setting up authentication
      • OAuth1
      • OAuth2
      • Refreshable token
      • AWS Signature
      • Basic Auth and Other Simple Authentication Methods
      • How are API versioning and API updates handeled?
      • Custom OAuth2 clients (apps)
    • Building Connectors
      • Base Connector Setup
        • Connector Auth Validation
        • GraphQL APIs
        • Rendering with User Input
      • Building Connector Actions
        • Actions Examples
      • Search Automation
      • Pagination Automation
      • Uploading Files in Actions
      • Working with SOAP APIs
    • Super Actions
    • Webhook Trigger for Connectors
    • Data Mapping and Env Variables
  • Embed - White Label Portal
    • Embed Overview
      • 1. Embed Flow
        • 1.1 Creating Embed Flows
        • 1.2 Updating Embed Flows
        • 1.3 Embed Error Handling
        • 1.4 Setting up Callbacks for Integration activation/deactivation
        • 1.5 Setting up Remote search
        • 1.6 Setting up End User logs
      • 2. Configure Embed
        • 2.1 Embed Integration via SSO
        • 2.2 Proprietary connector setup
        • 2.3 Sharing level
        • 2.4 Consent screen
        • 2.5 Account Secrets
        • 2.7 Further settings
      • 3. Integrate Embed
        • 3.1 iframe vs native embed
        • 3.2 Customizing CSS
        • 3.3 Events emitted from iframe to parent window
      • 4. Embed for End User
        • 4.1 Embed Remote Search
        • 4.2 Embed End User Logs
      • 5. Test Embed Configuration
        • Testing example
      • 6. Embed Integrations and Connector Auths
    • Embed FAQs
  • Data and Dashboards
    • Dashboards & Insights
      • Introduction to Dashboards
      • Introduction to Insights
      • Introduction to Data Sources
      • Dashboard Filters
      • Insight Marketplace - Using Pre-Built Insights
      • Writing SQL Queries
      • Useful SQL Examples
      • Charts
        • Line Chart
        • Bar and Horizontal Bar Chart
        • Stat Card
        • Pie Chart
        • Gauge Chart
        • Donut Chart
        • Stacked Bar, Horizontal Stacked Bar, and Normalized Horizontal Stacked Bar
        • Multiple Line Chart
        • Pivot Table
        • Map Chart
  • Best Practice Guides
    • Integration Best Practices
    • Integration Check List
    • CSV Files in Excel
    • Multi-Tenant Flows
    • On-Premise Integrations
    • Database Connection Setup
    • Data and General Security
    • Using Tags
    • FAQ
  • API
    • Locoia API Authentication - Personal Access Token
    • Create Connector Authentication
  • Contact us
  • Status of Service
  • Data Privacy
  • Imprint
Powered by GitBook
On this page
  • Authentication Overview
  • How to start setting up authentication?
  • Authentication Type
  • Authentication with OAuth2
  • Authentication with Basic Auth for helpers
  • Authentication with Basic Auth for Connectors
  • Authentication with Private SSH Key
  • Authentication Tips & Tricks
  • Authentication FAQs

Was this helpful?

  1. Connectors & Helpers
  2. Authentication Types Available

Setting up authentication

PreviousAuthentication Types AvailableNextOAuth1

Last updated 10 months ago

Was this helpful?

Authentication Overview

We offer multiple authentication methods ranging from basic auth to Oauth2. Although often used in the same sentence, authentication and authorization are not the same. Authorization happens after your identity has been authenticated (confirmed to be who you are) by an app. Thus, you are authorized to get access to data, files, and the like.

How to start setting up authentication?

In the side-menu of the app, click on Connector Auth to get to the authentication screen. Next, click on the Add button in the upper left corner. Now you should see the below screen:

Select the Connector or Helper you want to set auth up for - then:

  1. Enter a Name that describes the Connector or Helper as well as the environment e.g. DEV, Production or the like.

  2. Only enter an API Endpoint if the integration requires a subdomain or if you want to send a request e.g. against an older version of the API. You can place the full URL of endpoints later in the FlowBuilder and don't have to do it here.

  3. In the Auth Type drop-down, depending on whether we offer one or both authentication methods, you will only see those auth types that we offer. For e.g. the Rest helper we offer both, but most likely you will need basic_auth

Authentication Type

Authentication with OAuth2

Let's suppose you select Slack. Enter the name and select oauth2 and then hit Confirm:

Now you will be redirected to the Slack authentication screen that you may know from other apps. Review the content and click allow:

Authentication with Basic Auth for helpers

Basic Auth for Helpers e.g. REST Helper

To setup basic auth for the REST Helper, enter a name, select basic_auth, and enter the full API token in the Auth token field.

If the token requires a "Bearer " or "Basic " prefix enter it in full like this:

Bearer ey_my_secret_token

or

Basic ey_my_secret_token

The auth details field is usually not needed. Should your authentication require user:password base64 encoded, please combine the user:password as described, base64 encode it someone on your Computer / Mac, and then enter the base64 encoded string with the prefix like this:

Basic my_base_64encoded_token

Once all is entered, click Confirm and start using the Authentication in all of your automation flows. It is visible only on the Connector or Helper you set it up for.

Authentication with Basic Auth for Connectors

For connectors, basic auth is setup in the same way as for helpers, but we do the base64 encoding for you and save you some work. Example with Freshdesk:

E.g. for Zendesk, which requires a subdomain, Enter the full domain including the subdomain and trailing slash like:

  • Enter your API-token non-base64 encoded as it is. Locoia does the base64 encoding for you in the background.

  • Specify a subdomain. We automatically add it to the endpoint so it looks like this:

https://my-company.freshdesk.com/api/v2/

Finally, hit confirm and start using the authentication in your flows in the FlowBuilder. It is visible only on the Connector or Helper you set it up for.

Authentication with Private SSH Key

You then have to enter your username and upload the private key file.

Authentication Tips & Tricks

If an API has two endpoints, please create two ConnectorAuths, one for each endpoint. Example: the Dropbox API has api.dropbox.com for regular API calls and content.dropbox.com for all file-related API calls. This allows you to have individual Base-Domains per each endpoint.

Authentication FAQs

How does Locoia store authentication details?

Locoia stores authentication details, such as API keys, passwords or refresh tokens, for its users in order to connect to the respective systems on their behalf once users build flows and use those authentications.

First, authentication details are encrypted on the application level before they are stored in our database. Secondly, our database and all its content is additionally encrypted.

Who can access the authentication details?

No authentication details can be extracted in any way, other than using them as part of a request to the respective systems they are intended for as per Locoia's users.

This means no one, besides the system receiving the request, can see your credentials such as API key or passwords.

Can Locoia employees may access my account for support?

Yes, but any activity and usage of Authentication e.g. as part of a flow run is logged in audit logs. So if a Locoia employee provides support, this leaves traces and users can see exactly what happened.

You can use authentication with a private SSH key together with a sFTP connection via the . When setting up a new Connector Auth for the FTP Helper, you simply have to change the Auth Type to private_ssh_key:

FTP Helper
Changing the Auth Type for the FTP Helper