Customize Security & Authentication
Authentication Overview
Speakeasy-created SDKs have authentication automatically configured based on the securitySchemes defined in the OpenAPI specification.
APIs authenticated by long-lived tokens (API keys) work out of the box. For APIs using short-lived tokens (OAuth), additional configuration is required to simplify setup.
Support for securitySchemes
In the OpenAPI specification, define the securitySchemes object according to the API's authentication mechanism.
| Authentication Mechanism | Language Support |
|---|---|
| HTTP Basic Authentication | ✅ All Languages |
| API Key [header, query] | ✅ All Languages |
| Bearer Token Authentication | ✅ All Languages |
| OAuth Client Credentials Flow [client_secret_post] | ✅ Go, TypeScript, Python, C# 🏗️ Others |
| OAuth Client Credentials Flow [others] | ✅ using hooks |
| OAuth Implicit Flow | ✅ using hooks |
| OAuth Refresh Token Flow | ✅ using hooks |
| mTLS | ✅ using hooks |
| Custom Security Schemes | ✅ using custom security schemes |