API Authentication

Learn how to add API Authentication in UI Bakery

In case your API requires authentication with a certain set of headers or other query params, you can configure and add your HTTP API as a data source, so that you do not need to configure these parameters with every request. Also note that parameters configured in the datasource will be merged with the parameters configured in the specific request.

Datasource Configuration

To configure the data source, navigate UI Bakery, select Data Sources - Connect - choose HTTP API.

You can add any standard type of authentication in UI Bakery:

  • OAuth 2.0;

  • Basic Auth;

  • Custom header or query param.

OAuth 2.0

OAuth 2.0 is a protocol that allows UI Bakery to access data sources hosted by other web apps on behalf of a user.

To set up OAuth 2.0 for datasource, choose the OAuth2 under Authentication Settings.

OAuth 2.0 configuration

  • UI Bakery redirect callback field is readonly, it should be set in API OAuth settings.

  • Client ID and Client Secret should be filled with values provided by API.

  • Authorization URL and Access Token URL should be filled with values provided by API.

  • Additional params for Access Token request are any additional parameters that need to be added to the access token, e.g. entity_id. These params are added to the access token request's body.

  • Scope is space-delimited list of permissions granted to data source.

When Require personal token is enabled, each user will be asked to authorise access to API. Each user will have their own token. Data sources with personal tokens can't be used in public apps by anonymous users or in automations. If personal token is off, then the token acquired during a data source creation will be used by all users.

How to use request data with OAuth 2.0

In the data source configuration, you can use the UI_BAKERY_OAUTH2_TOKEN placeholder, which will be replaced with the token value during the request. If ID token was requested you can use the UI_BAKERY_OAUTH2_ID_TOKEN placeholder as well.

By default, the header Authorization: Bearer UI_BAKERY_OAUTH2_TOKEN will be automatically added to each request to the data source with OAuth 2.0 enabled. You can override this behavior by adding your own Authorization header.

On enterprise plan you can use the UI_BAKERY_SSO_TOKEN placeholder, it will be replaced with the token from Single Sign On authentication.

Token Refresh

UI Bakery will try to automatically refresh token if refresh token is returned by API during authorization. If token refresh is not possible, the users will be asked to give access each time the token is expired.

Basic Authentication

To add Basic Authentication, choose the Basic Auth under Authentication Settings, specify your username and password.

Custom API key in headers or query params

For some API, you need to pass the API key via Headers or Query Params, e.g. in Hubspot


Once you have established the connection between UI Bakery and a required application via API, you can further access and manage the data.

Last updated