Skip to main content

Comlink Provider Reference

A Provider Definition is a JSON description of provider's services and security schemes. Comlink Maps make use of the Provider Definition by defining which service to call based on the Service ID and which security scheme to use based on the Security Scheme ID. A Provider Definition keeps the provider information separate so it can be reused across maps that might implement other profiles.

Provider Definition

This is the root of the Provider Definition file.

  • name (string) - Provider Name
  • services (array of Service)
  • securitySchemes (array of Security Scheme, optional)
  • defaultService (string) - References the ID of an existing Service
{
  "name": "twilio",
  "services": [
    {
      "id": "default",
      "baseUrl": "https://api.twilio.com"
    }
  ],
  "defaultService": "default",
  "securitySchemes": [
    {
      "id": "basic",
      "type": "http",
      "scheme": "basic"
    }
  ]
}

Service

A service is software that makes itself available over the internet.

  • id (string) - ID for service, unique within provider definition
  • baseUrl - Base URL for the service

Default Service

A provider can have several services associated with it. Comlink Maps allow for leaving out the service ID when specifying an HTTP call and defaulting to the defaultService as defined in the provider definition.

Security Scheme

The Provider Definition includes security schemes that describe the ways a client must authenticate and authorize in order to use the provider API. These security schemes are referenced in maps as security requirements. The security schemes in a Provider Definition declare how security works for a provider, while the security requirements in the map describe which HTTP calls use those security schemes.

The Security Scheme may be one of the following:

Security Scheme Types

API Key Header

For this security scheme, the client should add the API key into a specified HTTP header.

  • id (string) - ID for security scheme, unique within provider definition
  • type: "apiKey" (string)
  • in: "header" (string)
  • name (string) - Name of HTTP header
{
  "id": "my-api-key-header",
  "type": "apiKey",
  "in": "header",
  "name": "API-Key"
}

In this example, the name refers to the HTTP header name.

API Key Query Parameter

For this security scheme, the client should add the API key into a specified query parameter.

  • id (string) - Unique ID for security scheme
  • type: "apiKey" (string)
  • in: "query" (string)
  • name (string) - Name of query parameter
{
  "id": "my-api-key-query-param",
  "type": "apiKey",
  "in": "query",
  "name": "apiKey"
}

In this example, the name refers to the query parameter to use for this security scheme.

Basic Auth

This security scheme refers to HTTP Basic Authentication as described in RFC 7235.

  • id (string) - Unique ID for security scheme
  • type: "http" (string)
  • scheme: "basic" (string)
{
  "id": "my-basic-auth",
  "type": "http",
  "scheme": "basic"
}

Digest Auth

This security scheme refers to HTTP Digest Authentication as described in RFC 7616.

  • id (string) - Unique ID for security scheme
  • type: "http" (string)
  • scheme: "digest" (string)
  • statusCode (number, optional) - HTTP status code expected for the initial response with the challenge header. Default value is 401.
  • challengeHeader (string, optional) - Case insensitive name of the response header with server issued challenge. Default value is www-authenticate.
  • authorizationHeader (string, optional) - Case insensitive name of the request header containing digest authorization details. Default value is authorization.
{
  "id": "my-digest-auth",
  "type": "http",
  "scheme": "digest",
  "statusCode": 401,
  "challengeHeader": "www-authenticate",
  "authorizationHeader": "Authorization"
}

Bearer Token

  • id (string) - Unique ID for security scheme
  • type: "http" (string)
  • scheme: "bearer" (string)
  • bearerFormat (string, optional) - A hint to the client to identify how the bearer token is formatted for documentation purposes only
{
  "id": "my-bearer-token",
  "type": "http",
  "scheme": "bearer",
  "bearerFormat": "JWT"
}

Examples

JSON Schema

$schema: http://json-schema.org/draft-07/schema
type: object
properties:
  name:
    type: string
    pattern: "^(unverified\\/)?[a-z][_\\-a-z]*$"
  services:
    type: array
    items:
      $ref: '#/definitions/Service'
    minItems: 1
  securitySchemes:
    type: array
    items:
      $ref: '#/definitions/SecurityScheme'
  defaultService:
    description: ServiceIdentifier must correspond to existing Service `id` from services.
    $ref: '#/definitions/ServiceIdentifier'
required:
  - name
  - services
  - defaultService
definitions:
  Service:
    type: object
    properties:
      id:
        $ref: '#/definitions/ServiceIdentifier'
      baseUrl:
        type: string
        examples:
          - https://swapi.dev/api
    required:
      - id
      - baseUrl
  ServiceIdentifier:
    $ref: '#/definitions/Identifier'
  Identifier:
    type: string
    pattern: '[_A-Za-z][A-Za-z]*'
    examples:
      - swapidev
  SecurityScheme:
    oneOf:
      - $ref: '#/definitions/ApiKeyHeaderSecurity'
      - $ref: '#/definitions/ApiKeyQueryParamSecurity'
      - $ref: '#/definitions/BasicAuthSecurity'
      - $ref: '#/definitions/BearerTokenSecurity'
  SecurityIdentifier:
    $ref: '#/definitions/Identifier'
  ApiKeyHeaderSecurity:
    type: object
    properties:
      id:
        $ref: '#/definitions/Identifier'
      type:
        type: string
        enum:
          - apiKey
      in:
        type: string
        enum:
          - header
      name:
        type: string
        description: Name of header
        examples:
          - X-API-Key
    required:
      - id
      - type
      - in
      - name
  ApiKeyQueryParamSecurity:
    type: object
    properties:
      id:
        $ref: '#/definitions/SecurityIdentifier'
      type:
        type: string
        enum:
          - apiKey
      in:
        type: string
        enum:
          - query
      name:
        type: string
        description: Name of query parameter
    required:
      - id
      - type
      - in
      - name
  BasicAuthSecurity:
    type: object
    properties:
      id:
        $ref: '#/definitions/SecurityIdentifier'
      type:
        type: string
        enum:
          - http
      scheme:
        type: string
        enum:
          - basic
    required:
      - id
      - type
      - scheme
  BearerTokenSecurity:
    type: object
    properties:
      id:
        $ref: '#/definitions/SecurityIdentifier'
      type:
        type: string
        enum:
          - http
      scheme:
        type: string
        enum:
          - bearer
      bearerFormat:
        description: |
          A hint to the client to identify how the bearer token is formatted.
          Bearer tokens are usually generated by an authorization server, so this
          information is primarily for documentation purposes.
        type: string
        examples:
          - JWT
    required:
      - id
      - type
      - scheme