Configuring API Authorization
To enable authorization for the Platina Standard API, update the appsettings.json file located in the directory where the Platina Standard API package was extracted.
Add or modify the AppRegistration section with your app registration details (example for Microsoft Entra app registration):
"AppRegistration": {
  "ClientId": "<your-client-id>",
  "ClientSecret": "<your-client-secret>",
  "TenantId": "<your-tenant-id>",
  "Authority": "https://login.microsoftonline.com/<your-tenant-id>/"
}
Parameters:
- ClientId: The Application (client) ID from your Azure AD app registration.
- ClientSecret: The client secret generated for your Azure AD app.
- TenantId: The Directory (tenant) ID of your Azure AD.
- Authority: The OAuth 2.0 authority URL for your tenant.
Custom Authorization Header for Proxy
Since Platina Standard API 8.1.0, the API supports proxy configurations with custom authorization headers. This allows external consumers to pass authentication tokens through a custom HTTP header instead of the standard Authorization header.
Use Case: When the API is accessed through a proxy or gateway that manages authentication, you can configure the API to treat a custom header as the authorization header.
Configuration:
To configure a custom authorization header for proxy authentication, update the appsettings.json file with the ProxyAuthHeader setting:
{
  "ProxyAuthHeader": "x-platina-auth"
}
How it works:
- The standard Authorization header is always checked first and takes priority if present.
- When ProxyAuthHeader is configured, the API will look for the specified custom header (e.g., x-platina-auth) in incoming requests only if the standard Authorization header is empty or not provided.
- The value from this custom header will be treated as the Authorization header for authentication purposes as a fallback.
Example:
If you configure "ProxyAuthHeader": "x-platina-auth", a client request should include:
GET /api/v8/diaries HTTP/1.1
Host: server.example.com
x-platina-auth: Bearer <authentication-token>
The API will internally treat x-platina-auth as the authorization header and process the token accordingly.
Note: For more details on authorization configuration, refer to the Authorization guide.
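A pre-deployment check for the AppRegistration and ProxyAuthHeader settings described above, as an added example that is not part of the Platina documentation or product code. It flags missing or placeholder values, an Authority that is not https or does not contain the TenantId (following the format of the page's example), and a ProxyAuthHeader that is not a valid HTTP header name. The name lint_appsettings and the sample values are hypothetical, and the file is assumed to be strict JSON without comments.

```python
import json
import re

# RFC 7230 "token": the characters allowed in an HTTP header field name.
HEADER_NAME = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
REQUIRED = ("ClientId", "ClientSecret", "TenantId", "Authority")

# Constructed sample with deliberate mistakes, not a real registration.
SAMPLE = """{
  "AppRegistration": {
    "ClientId": "11111111-1111-1111-1111-111111111111",
    "ClientSecret": "<your-client-secret>",
    "TenantId": "22222222-2222-2222-2222-222222222222",
    "Authority": "http://login.microsoftonline.com/33333333-3333-3333-3333-333333333333/"
  },
  "ProxyAuthHeader": "x platina auth"
}"""

def lint_appsettings(text):
    """Return a list of findings for the settings this page describes."""
    cfg = json.loads(text)  # assumption: strict JSON, no comments
    reg = cfg.get("AppRegistration")
    if not isinstance(reg, dict):
        return ["AppRegistration section is missing"]
    findings = []
    val = {k: reg[k].strip() if isinstance(reg.get(k), str) else "" for k in REQUIRED}
    for key in REQUIRED:
        if not val[key]:
            findings.append(f"AppRegistration.{key} is missing or empty")
        elif "<" in val[key] or ">" in val[key]:
            findings.append(f"AppRegistration.{key} still holds a placeholder")
    authority, tenant = val["Authority"].lower(), val["TenantId"].lower()
    if authority and not authority.startswith("https://"):
        findings.append("AppRegistration.Authority is not an https URL")
    # Follows the page's example, where the tenant ID is a path segment.
    if authority and tenant and tenant not in authority.split("/")[3:]:
        findings.append("AppRegistration.Authority does not contain TenantId")
    if "ProxyAuthHeader" in cfg:
        header = cfg["ProxyAuthHeader"]
        if not isinstance(header, str) or not HEADER_NAME.fullmatch(header):
            findings.append("ProxyAuthHeader is not a valid HTTP header name")
        elif header.lower() == "authorization":
            findings.append("ProxyAuthHeader repeats the standard Authorization header")
    return findings

if __name__ == "__main__":
    for finding in lint_appsettings(SAMPLE):
        print("finding:", finding)
```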