REST Authentication
supports OAuth, tokens, Basic Auth credentials, secrets, and API keys as authentication methods. These result in entries added to the request's header unless the authentication parameters' location is specified differently. We do not recommend building solutions with where credentials are stored in the YAML of the solutions. provides a secure mechanism for defining, storing, and retrieving authentication information during runtime.
Credentials, including OAuth configurations, are stored in under the credentials section for a solution. Each authentication type entry has the fields required for to add the credentials to the request when it executes the function on the device. These entries are stored in the Cloud-using AWS amplifies encryption that cannot decrypt. Entries containing secrets are not visible once they are stored. During runtime, when comes across a parameter it recognizes as an authentication parameter, it will retrieve the configuration from the cloud and stores it in the device's keychain. Only the Jigx application can access and retrieve the information once stored on the device. This is protected by on-device encryption and can only be accessed by the native application signed with the certificate for the signed-in user.
The result of a successful OAuth loop is a token that is stored on the user's device in the keychain secure storage. When the token expires, uses a refresh token to get an updated token. If the OAuth loop provides no refresh token, the user will be prompted for their OAuth credentials by the REST call.
The accessToken must be specified as a parameter in the YAML. only retrieves the values from the cloud if specified in the YAML. If this parameter is omitted, the OAuth loop will not be initiated.
Configuration. See Credentials for more information.
Jig YAML example:
Configuration. See Credentials for more information.
A username and password for basic authentication are stored in with a specific key. The key is referenced in the function definition using a header parameter called basicAuth.
Configuration. See Credentials for more information.
Jigx Function example:
Jig YAML example:
A secret is stored in with a specific key. The key is referenced in the function definition using a path, header, query, or body parameter with the name expected by the request.
Configuration. See Credentials for more information.
A local REST function call allows the mobile app to perform all the processing locally and call the third-party service directly. As a result, data is only transferred between the mobile app and the third-party REST service. Only OAuth authentication can be used with Local REST calls. For more information see Local REST Calls.