NocoDB · Authentication Profile

Nocodb Authentication

Authentication

NocoDB secures its APIs with apiKey and http across 2 declared security schemes, as derived from its OpenAPI definitions.

DatabaseNo-CodeLow-CodeAirtable AlternativeOpen SourceSpreadsheetREST APISelf-Hosted
Methods: apiKey, http Schemes: 2 OAuth flows: API key in: header

Security Schemes

xcToken apiKey
· in: header (xc-token)
bearerAuth http
scheme: bearer

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/nocodb-data-api-openapi.yml, openapi/nocodb-meta-api-openapi.yml
summary:
  types:
  - apiKey
  - http
  api_key_in:
  - header
schemes:
- name: xcToken
  type: apiKey
  in: header
  parameter: xc-token
  description: NocoDB API token
  sources:
  - openapi/nocodb-data-api-openapi.yml
  - openapi/nocodb-meta-api-openapi.yml
- name: bearerAuth
  type: http
  scheme: bearer
  description: 'Bearer token authentication. Use ''Authorization: Bearer <token>'' header format.'
  sources:
  - openapi/nocodb-data-api-openapi.yml
  - openapi/nocodb-meta-api-openapi.yml