Authentication Methods
API Keys
API keys are the simplest way to authenticate with the 2GC CloudBridge API. A key grants access to your organization's data and resources. Send it as a bearer token in the Authorization header of each request:
Authorization: Bearer YOUR_API_KEY
Advantages
- Simple to implement
- High performance
- Stateless authentication
- Easy to revoke
Best Practices
- Store securely
- Rotate regularly
- Use environment variables
- Monitor usage
OAuth 2.0
OAuth 2.0 provides secure, delegated access to your organization's resources. It's ideal for applications that need to access data on behalf of users. An authorization request for the Authorization Code flow (response_type=code) looks like this:
GET /oauth/authorize?client_id=YOUR_CLIENT_ID&response_type=code&redirect_uri=YOUR_REDIRECT_URI
Supported Flows
- Authorization Code
- Client Credentials
- Refresh Token
- Implicit Flow
Scopes
- read:users
- write:users
- read:organizations
- admin:all
Session Management
Session-based authentication is available for web applications. Sessions maintain user state across requests through a session cookie that the server sets with hardened attributes:
Set-Cookie: session=YOUR_SESSION_TOKEN; HttpOnly; Secure; SameSite=Strict
Features
- Automatic session handling
- Secure cookie storage
- Session timeout
- CSRF protection
Security
- HttpOnly cookies
- Secure flag
- SameSite protection
- Automatic logout
Security Best Practices
API Key Security
- Keep Keys Secure
Never expose API keys in client-side code or public repositories.
- Use Environment Variables
Store API keys in environment variables or secure configuration files.
- Rotate Regularly
Generate new API keys periodically and revoke old ones.
- Monitor Usage
Regularly check API key usage logs for suspicious activity.
Request Security
- Use HTTPS
Always make API requests over HTTPS to encrypt data in transit.
- Validate Input
Validate and sanitize all input data before sending to the API.
- Handle Errors Gracefully
Implement proper error handling to avoid exposing sensitive information.
- Rate Limiting
Implement client-side rate limiting to avoid hitting API limits.
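The API Key Security and Request Security practices above, combined in one client helper: the key is read from an environment variable, non-HTTPS URLs are refused, error text is redacted, and requests pass a client-side token bucket. This is an added example, not 2GC CloudBridge's own code; the base URL, the CLOUDBRIDGE_API_KEY variable name and the rate values are assumptions.

```python
import os
import time
import urllib.request
from urllib.parse import urlsplit

# Assumption: placeholder host; the page does not state the real API base URL.
BASE_URL = "https://api.example.invalid/v1"
KEY_ENV_VAR = "CLOUDBRIDGE_API_KEY"  # hypothetical variable name


class TokenBucket:
    """Client-side limiter: `rate` requests per second, bursts up to `burst`."""

    def __init__(self, rate, burst, clock=time.monotonic):
        self.rate, self.burst, self.clock = rate, burst, clock
        self.tokens, self.last = float(burst), clock()

    def try_acquire(self):
        now = self.clock()
        # Refill in proportion to elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False  # caller should wait instead of hitting the API limit


def load_api_key(env=os.environ):
    """Read the key from the environment so it never lives in source code."""
    key = env.get(KEY_ENV_VAR, "").strip()
    if not key:
        raise RuntimeError(f"{KEY_ENV_VAR} is not set")  # names the variable, not the key
    return key


def build_request(path, api_key, base_url=BASE_URL):
    """Build a GET request carrying the key, refusing any non-HTTPS target."""
    url = base_url.rstrip("/") + "/" + path.lstrip("/")
    if urlsplit(url).scheme != "https":
        raise ValueError("refusing to send API key over a non-HTTPS URL")
    req = urllib.request.Request(url, method="GET")
    req.add_header("Authorization", f"Bearer {api_key}")
    return req


def redact(text, api_key):
    """Strip the key from a message before it is logged or shown to a user."""
    return text.replace(api_key, "[REDACTED]")
```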