It may seem that there are only two ways to authenticate via API; JWTs that a user creates via an auth provider and API Tokens that you create, which are super secret. If that’s what you thought, well…you’re right! However, check out this trick.
You can use API Tokens as part of your Data Model. There’s a ton of use cases for this! One big one is authorizing things like IoT Devices.
In the screenshot above, the table called ConnectedDevices has a one-to-one relationship with the API Tokens system table. There’s a dozen ways to create a new record with an associated token (e.g. manually, GraphQL API, before.trigger, and more). However, once set up, Permissions that reference the __requestingApiToken variable can be used!
If you have any questions about this, definitely ask them in the below!