Set Authentication
When several APIs share the same credentials β for example, all the actions you imported from one OpenAPI schema point to the same backend β you can configure authentication once and apply it to all of them in a single step. This tutorial walks you through using Set Authentication on the Custom API page.
When to Use This Feature
Use Set Authentication when:
- You have just imported multiple APIs from an OpenAPI schema and need to add credentials to all of them at once
- Several existing APIs on your agent use the same token or username/password and you need to rotate or update that credential
- You want to apply or remove authentication from a specific subset of APIs without editing each one individually
Supported Authentication Types
qlar supports five authentication methods. The table below summarises when to use each one.
| Auth Type | When to use |
|---|---|
none | Public endpoints β no credentials needed |
bearer | APIs secured with a static Bearer token |
basic | APIs that use a username and password |
custom | APIs with a custom header name (e.g., X-API-Key) |
oauth | APIs secured with OAuth 2.0 (Client Credentials or Google Service Account) |
Step 1 β Open the Set Authentication Panel
On the Custom API page, click Set Authentication in the top section of the page. A sliding panel opens on the right side of the screen.
Step 2 β Configure the Authentication
Choose the Auth Type that matches your API credentials. The required fields will appear below.
Bearer
Enter the token value in the Key field.
Basic
Enter the Username and Password for the API.
Custom
Enter the Header Name (e.g., X-API-Key) and the Key value. qlar will send Header Name: Key with every request.
OAuth
Select the Provider Type (Client Credentials or Google Service Account), enter the Token URL, and supply the grant-type credentials (Client ID, Client Secret, and any required scopes).
None
Select none to remove authentication from the selected APIs (for example, to reset credentials you no longer need).
Step 3 β Select the APIs to Update
Under Select APIs to update, tick the APIs that should receive this authentication configuration.
Use the controls to narrow or expand your selection:
- Select All β tick every API in the list
- Clear All β untick every API in the list
- Select group / Clear group β tick or untick all APIs within a specific category
The header shows how many APIs are currently selected.
Tip: If you just imported APIs from a single OpenAPI schema, they will typically appear together. Use Select group for that group to configure them all at once.
Step 4 β Apply the Authentication
Click OK. A confirmation dialog appears telling you:
- How many APIs will be updated
- A warning that their current authentication will be overwritten
Click Confirm to apply.
Note: APIs you did not select are left untouched. Only the selected APIs receive the new authentication configuration.
Step 5 β Publish All Changes
Click Save all changes at the bottom of the Custom API page. A confirmation dialog appears β click Confirm to publish.
The updated authentication is now live for all selected APIs.
Authentication Details Reference
Bearer token
| Field | Description |
|---|---|
| Key | The full token value (without the Bearer prefix β qlar adds it automatically) |
Basic authentication
| Field | Description |
|---|---|
| Username | The account username |
| Password | The account password |
Custom header
| Field | Description |
|---|---|
| Header Name | The HTTP header name your API expects (e.g., X-API-Key, Authorization) |
| Key | The value sent in that header |
OAuth 2.0 β Client Credentials
| Field | Description |
|---|---|
| Token URL | The endpoint qlar calls to obtain an access token |
| Client ID | Your OAuth client identifier |
| Client Secret | Your OAuth client secret |
| Scope | Space-separated list of OAuth scopes (optional) |
OAuth 2.0 β Google Service Account
| Field | Description |
|---|---|
| Service Account JSON | The contents of your Google service account key file |
| Scope | The Google API scope URL(s) the token should cover |
Related Pages
- Import OpenAPI Schema β import multiple API actions from a spec file, then use Set Authentication to add credentials
- Call API β configure authentication for a single API action
- Using Plugins β use pre-built integrations that handle authentication for you