Appearance
Authentication Methods
Central supports several authentication methods for connecting to external systems. The set available depends on whether you're using a pre-built Connector, defining your own custom connector, or configuring a Custom Extension.
Supported Methods
The platform supports the following authentication methods. Some are only available through pre-built connectors and are not selectable when building a connector from scratch — see Available for Custom Connectors below.
| Method | Description |
|---|---|
| Unauthenticated | No authentication; the request is sent as-is. |
| Basic | HTTP Basic Authentication using a username and password. |
| OAuth — Client Credential | OAuth 2.0 client credentials grant (machine-to-machine). |
| OAuth — Authorization Code | OAuth 2.0 authorization code flow, with refresh tokens for ongoing access. |
| OAuth — JWT Client Assertion | OAuth 2.0 using a signed JWT as the client assertion. |
| OAuth — Password Credential | OAuth 2.0 resource owner password credentials grant. |
| Custom | Authentication logic specific to a pre-built connector. |
| Customized | Request-based authentication driven by connector configuration. |
| Passthrough | Authentication settings are passed directly to each endpoint action. |
| XML | XML-based authentication used by certain SOAP-style connectors. |
| BigQuery | Service-account authentication for Google BigQuery. |
Available for Custom Connectors
When defining a new connector yourself (rather than using a pre-built one), the following methods are available:
- Unauthenticated
- Basic
- OAuth Client Credential
- Passthrough
The remaining methods listed above ship as part of specific pre-built connectors and are not selectable when creating a custom connector.
Available for Custom Extensions
Custom Extensions currently support OAuth Client Credential only.
Multi-Method Connectors
Some pre-built connectors support more than one authentication method, letting you pick the option that best matches your tenant's security posture (e.g., an OAuth-code flow that requires a registered Public Application versus a Static Token your IT team can issue without that registration).
When you create or edit one of these connectors, an Authentication Type dropdown appears on the Configure step. Selecting an entry updates the Secure Settings list to match that method. Credentials that are shared between methods (for example, ClientId and ClientSecret between OAuth-code and Resource Owner Password) are preserved when you switch, so you can pivot during setup without re-entering shared values.
The following connectors currently expose multiple methods:
| Connector | Methods |
|---|---|
| Egnyte | OAuth — Authorization Code · OAuth — Password Credential · Static Token (Passthrough) |