Table of Contents

Creating a custom endpoint authentication provider

Authentication providers in DynamicWeb are used to apply authentication logic when connecting to external systems via endpoints. They enable developers to securely pass credentials or tokens during integration communication, and can be implemented if our standard authentication methods - OAuth 2.0 S2S, OAuth 2.0 User impersonation, bearer token, basic, and NTLM - are not adequate for your scenario.

Overview

To create a custom authentication provider, inherit from the abstract base class BaseEndpointAuthenticationAddIn. This class provides virtual methods that you can override to inject custom logic, validate configuration parameters, and manage HTTP client behavior.

BaseEndpointAuthenticationAddIn : ConfigurableAddIn

The base class is located in Dynamicweb.DataIntegration.EndpointManagement.AuthenticationAddIns

It provides the following key members:

Method Description
void PrepareClient(Uri uri, HttpClient client, HttpClientHandler clientHandler, Endpoint endpoint) Used to configure the HTTP client before the request is sent.
void Save(EndpointAuthentication authentication) Invoked when authentication settings are saved.
void Delete(EndpointAuthentication authentication) Invoked when authentication settings are deleted.
bool IsOAuthTokenBased() Override to return true if your provider uses OAuth tokens.
string? ValidateParameters() Used to validate the parameters entered in the UI and return error messages if necessary.
void Log(string logfileName, string message, Exception? ex) Used to log messages, optionally with an exception.
ILogger? GetLogger(string logfileName) Returns the logger instance if logging is enabled.
Note

Logging is controlled via the setting: /Globalsettings/Modules/EndpointManagement/EnableLog

Creating a Custom Provider

To implement your own authentication logic:

  1. Create a new class that inherits from BaseEndpointAuthenticationAddIn.
  2. Add your input parameters using [AddInParameter] attributes.
  3. Implement the required ValidateParameters method.
  4. Override PrepareClient to apply custom authentication.

Example: Custom Token Authentication Provider

[AddInName("Custom Token Auth")]
[AddInLabel("Custom Token")]
[AddInDescription("Uses a static bearer token")]
public class CustomTokenAuthenticationAddIn : BaseEndpointAuthenticationAddIn
{
    [EncryptParameter]
    [SensitiveData]
    [AddInParameter("Access Token")]
    [AddInParameterEditor(typeof(Extensibility.Editors.TextParameterEditor), "password=true")]
    public string? AccessToken { get; set; }

    public override string? ValidateParameters()
    {
        if (string.IsNullOrWhiteSpace(AccessToken))
            return "Access Token must be provided.";
        return null;
    }

    public override void PrepareClient(Uri uri, HttpClient client, HttpClientHandler clientHandler, Endpoint endpoint)
    {
        if (!string.IsNullOrEmpty(AccessToken))
        {
            client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", AccessToken);
        }
    }
}

This example demonstrates how to inject a bearer token into every request. The token is encrypted and marked as sensitive in the UI.

Registering the Provider

When compiled and deployed, your provider will automatically be available in the Select authentication type dropdown in the UI under Integration > Connections > Authentication.

Notes

  • Always use [EncryptParameter] and [SensitiveData] for secrets.
  • Use ValidateParameters() to enforce required configuration.
  • Override PrepareClient to influence HTTP communication.
  • Logging is optional and configurable.
Improve this doc
To top