Hi Paulo,

Thanks for response!

I am not sure, but I think the API Id and API key which is being mentioned in the article link I shared for custom authentication is different from what is present in the suggested Application entity. 

Could you please confirm.

Thanks!!

You are right, it's not the same thing.

I just answered on how to get the AppId and the AppKey, I thought that you were referring to the System's Application entity. 

But now that I saw the article, that is just an example of a use case about custom authentication on REST API. 

You have that described step by step, in which step are you stuck?

The APIKey and the AppId are like tokens that you need to send in the REST API call, then, you will need an action to validate these tokens (OnAuthentication) and only after this authentication check, the method is executed. 

So, you need to first define these values somewhere, for them to be validated against the inputs that are being sent on the REST API call. 

For instance, as a simple example, create 2 site properties: APIKey and AppID and give these some values.
Then define the REST API with these 2 input parameters and define the authentication logic on the OnAuthentication (check if the parameters in the header match the ones on the site properties).

This will be a simple start, let us know if you have further questions.

I am clear on the logic part, the article mentions the steps in details. I think I made it complex for myself on understanding the AppId and AppKey that will be used for authentication. 

According to article

• <app_id> is an application identifier.
• <api_key> is a secret key associated with the app identified by <app_id>. You should handle this value as you would handle a password.

So that is all.

Thanks!!