Configuring credentials
Prerequisite
- Access to the Data source management > Credentials (DI004) menu.
Introduction
To simplify the maintenance of REST data source configurations, API authentication information is recorded separately from the rest of the parameterizations.
The information required for API authentication, such as user, password, token, among others, are configured on the credential screen.
A credential can be used in multiple REST data sources, which will facilitate any security updates, such as password and token changes. This way, the information will be gathered in a single record and will be reflected in all linked REST data sources.
See how to create a credential:
Configuring a credential
1. Access the Data source management > Credentials (DI004) menu.
2. Click on the Create button.
3. On the screen that will open, enter the name of the record in the Credential field.
4. Choose which authentication type will be used:
| Basic authentication | Select this option if the service will only require a username and password. In this case, the system will show the fields in which the username and password that will be used for this operation must be entered. |
| Internal authentication | Select this option to indicate that an internal service will be used. In this case, the authentication takes into account the SoftExpert Suite user that is connected at the time of consumption. |
| API key | Select this option if it is an internal service. In this case, the API Key field will be displayed; fill it in with the token of the user that will be assigned for the operation. The token used can be generated through the API Gateway section, on the user data screen, when accessed through the user panel. |
| Bearer Token | Select this option if the service uses authentication via token sent in the "Authorization: Bearer <token>" HTTP header. Used in REST APIs and OAuth 2.0. |
| OAuth authentication - Client Credentials |
Select this option if the service uses OAuth authentication with the “Client Credentials” flow. In this case, the system will display the fields in which the Client ID, the Client Secret, and the Scope must be entered. This information comes from the service that will be consumed. The resource for obtaining the service token must conform to the standard specified by OKTA. Click here for more information. Refer to the Usage examples section to see an example of how to add a data source with OAuth authentication. |
| OAuth authentication - Password Grant |
Select this option if the service uses OAuth authentication with the “Password Grant Type” flow. In this case, the system will display the fields in which the User, the Password, the Client ID, the Client Secret, and the Scope must be entered. This information comes from the service that will be consumed. |
| OpenID Connect |
Select this option if the service uses an identity layer on top of OAuth 2.0 for federated authentication and SSO.
|
| WS-Security (Password Text) | Select this option if the service uses the security standard for SOAP web services with credentials in the envelope. In this case, the system will display the fields in which the username and the password must be inserted (password in plain text). |
| JDBC credential | Select this option if the service uses authentication for database connection via Java. In this case, the system will display the fields in which the username (database user) and the password (database password) must be inserted (password in plain text). |
| Personal access token | Select this option if the service employs a user-generated token to authenticate applications without a password. In this case, the API Key field will be displayed; use it to provide the access key with the specific permissions. |
5. Click on the Save button.
To use the logged user, the Internal authentication option can be selected. To define a specific user, it is possible to select the API key option.
Conclusion
All done! The credential is now created and can be used to add data sources, REST data sources, and SOAP data sources.