Gravitee · Authentication Profile

Gravitee Authentication

Authentication

Gravitee secures its APIs with apiKey and http across 4 declared security schemes, as derived from its OpenAPI definitions.

API GatewayAPI ManagementAccess ManagementIdentityEvent-DrivenEvent ManagementKafka GatewayKafkaMQTTGraphQLgRPCAI GatewayMCPA2ALLM ProxyMulti-Gateway FederationDeveloper PortalOpen SourceApache 2.0
Methods: apiKey, http Schemes: 4 OAuth flows: API key in: cookie

Security Schemes

gravitee-auth http
scheme: Bearer
BasicAuth http
scheme: basic
CookieAuth apiKey
· in: cookie (Auth-Graviteeio-APIM)
BearerAuth http
scheme: bearer

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/gravitee-am-openapi.yml, openapi/gravitee-apim-openapi.yml
summary:
  types:
  - apiKey
  - http
  api_key_in:
  - cookie
schemes:
- name: gravitee-auth
  type: http
  scheme: Bearer
  sources:
  - openapi/gravitee-am-openapi.yml
- name: BasicAuth
  type: http
  scheme: basic
  sources:
  - openapi/gravitee-apim-openapi.yml
- name: CookieAuth
  type: apiKey
  in: cookie
  parameter: Auth-Graviteeio-APIM
  sources:
  - openapi/gravitee-apim-openapi.yml
- name: BearerAuth
  type: http
  scheme: bearer
  bearerFormat: JWT
  sources:
  - openapi/gravitee-apim-openapi.yml