Integrations
API Authentication
riogentix supports all major authentication patterns for connecting to external APIs.
API Key
The simplest form — pass a static key in a header or query param:
Authorization: Bearer sk-abc123...
X-API-Key: abc123...
Store the key as a Credential of type *API Key* and reference it in the HTTP Request node.
OAuth 2.0
For services like Google, Slack, Salesforce, and Microsoft:
- Go to Settings → Credentials → Add → OAuth2
- Fill in Client ID and Client Secret from the service's developer portal
- Click Connect — you'll be redirected to authorise the connection
- The token is automatically refreshed when it expires
OAuth2 Grant Types Supported
- Authorization Code (interactive, for user-scoped access)
- Client Credentials (machine-to-machine)
- Refresh Token (automatic token renewal)
Basic Auth
Authorization: Basic <base64(username:password)>
Create a Basic Auth credential and select it in any HTTP Request node.
HMAC Signature Verification
For inbound webhooks that sign their payloads (e.g. Stripe, GitHub):
// Code node — verify GitHub webhook signature
const crypto = require('crypto');
const signature = $input.first().headers['x-hub-signature-256'];
const body = JSON.stringify($input.first().json);
const secret = $env.GITHUB_WEBHOOK_SECRET;
const expected = 'sha256=' + crypto.createHmac('sha256', secret).update(body).digest('hex');
if (signature !== expected) {
throw new Error('Invalid webhook signature');
}
return $input.all();
mTLS (Mutual TLS)
For high-security enterprise APIs, riogentix supports client certificate authentication. Upload your .pem certificate in Settings → Credentials → mTLS Certificate.