Function Auth

Auth definitions can be used to define authentication information that should be applied to function definitions. It can be used for both the retrieval of the function's resource (as defined by the operation property) and for the function's invocation.

Parameter
Description
Type
Required

name

Unique auth definition name. Must follow the Serverless Workflow Naming Convention

string

yes

name

Unique auth definition name. Must follow the Serverless Workflow Naming Convention

string

yes

scheme

Auth scheme, can be "basic", "bearer", or "oauth2". Default is "basic"

enum

no

properties

Auth scheme properties. Can be one of "Basic properties definition", "Bearer properties definition", or "OAuth2 properties definition"

object

yes

The name property defines the unique auth definition name. The scheme property defines the auth scheme to be used. Can be "bearer", "basic" or "oauth2". The properties property defines the auth scheme properties information. Can be one of "Basic properties definition", "Bearer properties definition", or "OAuth2 properties definition"

Basic Properties Definition

See here for more information about Basic Authentication scheme.

The Basic properties definition can have two types, either string or object. If string type, it defines a workflow expression that contains all needed Basic auth information. If object type, it has the following properties:

Parameter
Description
Type
Required

username

String or a workflow expression. Contains the user name

string

yes

password

String or a workflow expression. Contains the user password

string

yes

metadata

Metadata information

object

no

Bearer Properties Definition

See here for more information about Bearer Authentication scheme.

Parameter
Description
Type
Required

token

String or a workflow expression. Contains the token information

string

yes

metadata

Metadata information

object

no

OAuth2 Properties Definition

See here for more information about OAuth2 Authentication scheme.

Parameter
Description
Type
Required

authority

String or a workflow expression. Contains the authority information

string

no

grantType

Defines the grant type. Can be "password", "clientCredentials", or "tokenExchange"

enum

yes

clientId

String or a workflow expression. Contains the client identifier

string

yes

clientSecret

Workflow secret or a workflow expression. Contains the client secret

string

no

scopes

Array containing strings or workflow expressions. Contains the OAuth2 scopes

array

no

username

String or a workflow expression. Contains the user name. Used only if grantType is 'resourceOwner'

string

no

password

String or a workflow expression. Contains the user password. Used only if grantType is 'resourceOwner'

string

no

audiences

Array containing strings or workflow expressions. Contains the OAuth2 audiences

array

no

subjectToken

String or a workflow expression. Contains the subject token

string

no

requestedSubject

String or a workflow expression. Contains the requested subject

string

no

requestedIssuer

String or a workflow expression. Contains the requested issuer

string

no

metadata

Metadata information

object

no

Last updated