# Using Authorizations (optional)
An Airnode can authorize smart contracts (know as requesters) access to its endpoints using Authorizations. This method is off-chain and requires no blockchain knowledge by an API provider. It is different than Authorizers which is an on-chain auth scheme.
Alternative: Relayed Meta Data
As an alternative to authorizers and authorizations, an API provider can use Relayed Meta Data to authenticate a request. This approach is off-chain and requires no blockchain knowledge by the API provider. Note that it is possible to use authorizers, authorizations, and relayed meta data together.
Authorizations use scheme types that hard-code access to an Airnode's endpoints
in the same file that defines the Airnode, its config.json file. These
hard-coded values are endpointId/address pairs that the Airnode will use to
allow access to its endpoints by requesters (smart contracts).
Nothing in authorizers can supersede permissions granted by authorizations
as the latter takes precedence.
Currently there is only one authorizations scheme type,
requesterEndpointAuthorizations.
# requesterEndpointAuthorizations
Currently requesterEndpointAuthorizations is the only scheme type available
for authorizations. It defines a list of endpointIds each with a array of
requester addresses that can access them.
{
...
"chains":[
{
"id": "1",
...
"authorizers": {
"requesterEndpointAuthorizers": [
"0xeabb...C123",
"0xCE5e...1abc"
] The scheme type requesterEndpointAuthorizations
}, grants access to endpointId/address pairs
"authorizations": { ⬇︎
"requesterEndpointAuthorizations": {
"0x6db9...7af6": ["0xdhrt...A498"],
"0x8dd9...5ad7": ["0xdhrt...A498", "0xcse0...D236"],
⬆︎ ⬆︎ ⬆︎
endpointId requester addresses
}
},
},
]
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23