Introduction

Celerity provides a collection of helpers and specifications for authentication. Applications with public HTTP APIs that make up Celerity such as the Build Engine API and the Workflow Runtime support common authentication mechanisms including API keys and JWTs issued by OAuth2 or OIDC¹ providers. A custom Celerity-specific authentication mechanism is also supported that avoids the transportation of private API keys over the wire by using them in combination with a public key, timestamp and chosen request headers to create a signature, this mechanism is the called the Celerity Signature.

Authenticating your Celerity Applications

This section does not cover the authentication mechanisms supported in applications created with Celerity, see the celerity/api resource type documentation for more information on how to configure authentication for your application.

Authentication Mechanisms

You can delve deeper into the supported authentication mechanisms in the links below (including the specification for the Celerity Signature):

• API Keys
• JWTs
• Celerity Signature v1

Footnotes

1. OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework. See OpenID Connect. ↩