Skip to main content
Version: Cloud

Authentication for External Deployments

When creating external Deployments to connect your externally deployed models to Deeploy, you will need to configure the appropriate authentication method. This document outlines the various authentication options available to securely connect to your external models.

For more information about external Deployments, see Deployment types.

Authentication Methods

Choose from the following authentication methods depending on then authentication required to interact with the externally hosted model.

Basic Authentication

Authenticate to the provided URL using HTTP basic authentication.

  • Provide a username and password
  • Deeploy will base64 encode these credentials (username:password)
  • The encoded string is added to the HTTP request in the Authorization header: Authorization: Basic {base64_encoded_credentials}

For example, 

username: apiuser
password: secret123

results in the header: Authorization: Basic YXBpdXNlcjpzZWNyZXQxMjM=.

Bearer Token

Authenticate using a token-based authentication scheme, commonly used with OAuth 2.0 and JWT.

  • Provide your token in the password field
  • The token is added to the HTTP request in the Authorization header: Authorization: Bearer {token}

For example, 

password: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

results in the header: Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9....

Custom Header

Use a custom HTTP header for authentication when standard methods don't meet your requirements.

  • The username field specifies the custom header name
  • The password field provides the header value
  • Useful for APIs requiring non-standard authentication headers

For example, 

username: api-key
password: abcd1234

results in the header: api-key: abcd1234.

This is particularly relevant for services like Azure OpenAI as shown in our OpenAI integration example.

OAuth Client Credentials

Authenticate using the OAuth 2.0 client credentials flow, suitable for server-to-server authentication.

  • Provide your OAuth client credentials:
    • username: client_id
    • password: client_secret
    • tokenURL: the OAuth token endpoint
  • Deeploy will request an access token from the specified token endpoint with:
    • grant_type: client_credentials
    • scope: all-apis
  • The received access_token is added to the HTTP request in the Authorization header: Authorization: Bearer {access_token}

Note: Currently, only bearer token types are supported.

For example, 

username: client_12345
password: client_secret_67890
tokenURL: https://auth.example.com/oauth/token