IMPORTANT: This documentation has been discontinued. Read the updated Use of Accounts documentation on our new documentation portal.
Accounts
Whenever you need to use a password, private key, authentication token, among others, we strongly recommend you to use an account registered in the Platform. That way your data is encrypted and doesn't get exposed during the integration execution.
Types of Accounts
Basic
Go for this type of account when you use a component or service that needs an user/password authentication.
USERNAME: name of the user
PASSWORD: password
Custom Auth Header
Go for this type of account when some endpoint needs a custom authentication header.
HEADER-NAME: name of the header
HEADER-VALUE: value of the header
OAuth Bearer
Go for this type of account when you need to store an OAuth-type token. The token will be assigned to the "Authorization" parameter in the request header.
TOKEN: OAuth token
Private Key
Type of account that stores a private key.
Example:
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgF2duc4+xxNKlMO9bUud4bzGnuATkQVX3bM/gzxISrgw7B1AzJwA
OT5UChBoIKfmISaaVVY9+/fTpI1szihSqTyemdHnbC+FcDzoK3p53C5ZJ4pL7s+G
Y7vGEa2Z/6JVder6dwJaaOtwf+DfZYiWQjvh8tfAVjVdONE/XZSxOOofAgMBAAEC
-----END RSA PRIVATE KEY-----
KEY: private key
PASSPHRASE: password of the private key
Public Key
This type of account stores a public key.
Example:
-----BEGIN PUBLIC KEY-----
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgF2duc4+xxNKlMO9bUud4bzGnuAT
kQVX3bM/gzxISrgw7B1AzJwAOT5UChBoIKfmISaaVVY9+/fTpI1szihSqTyemdHn
-----END PUBLIC KEY-----
KEY: public key
Certificate Chain
Sets a chain of certificates. It's used for endpoints that need 2 way SSL authentication or a certificate from the client. The certificate chain must be provided in the correct order and pem format.
To convert your key, you can do it through OpenSSL via the command line, e.g: openssl pkcs12 -in mycert_xpto.p12 -out myapp.pem
Example:
-----BEGIN CERTIFICATE-----
MIIEUTCCAzmgAwIBAgIBATANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJVUzEj
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEUTCCAAGVDSHVEbjhdbhjsjeiejAQUFADBSMQswCQYDVQQGEwJVUzEj
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgF2duc4+xxNKlMO9bUud4bzGnuATkQVX3bM/gzxISrgw7B1AzJwA
-----END RSA PRIVATE KEY-----
CHAIN: complete chain of certificates
PASSWORD: password of private key, if necessary
Google Key
Service key to access Google APIs.
Example:
{
"type": "service_account",
"project_id": "project_id",
"private_key_id": "dfdsfrfr43r43r4refbcceceabf8055a12a",
"private_key": "-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----\n",
"client_email": "user@DOMAIN.iam.gserviceaccount.com",
"client_id": "123456576788888899",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/storage%40project.iam.gserviceaccount.com"
}
KEY: Google key
SCOPES: scopes necessary to access determined API (separated by comma). To know more about Google scopes, click here.
Kerberos
Account that stores the Keytab for authentication in environments that use Kerberos.
KEYTAB: base64 of the Keytab file
PRINCIPAL: user of this Keytab (eg.: user@DOMAIN)
SMTP Auth And Properties
Account used for Mail Connector only. It sets that access data to the SMTP server to send emails.
HOST: name of the SMTP server host
PORT: access port to the SMTP server
USERNAME: email of the user
PASSWORD: password of the email
STARTTLS_ENABLE: “true” or “false” values - if “true”, the access will be via SSL.
AUTH: authentication type of the email server
OAuth 2
OAuth is an open pattern for authorization, commonly used to allow Internet users to logon in other websites using their accounts from Google, Microsoft, etc. without exposing the passwords. OAuth gives them a "delegated secure access" to the server resources on the name of the resource owner.
PROVIDER: OAuth provider
SCOPES: OAuth access scopes
We support the following providers:
Microsoft: the "offline_access" scope is mandatory to use the it in Digibee Platform. It is important to remember that this provider accepts only personal accounts.
Google
Mercado Livre
Secret Key
Secret key used for encryption components.
KEY: secret key
API Key
Account that sets an API Key to be used in endpoints that need an API Key.
URL-PARAM-NAME: name of the query parameter in which the set API Key will be used
API-KEY: value of the API Key to be used
IMPORTANT: The following providers set an expiration period for their authentication tokens. For that reason, it is necessary to update the configurations of your Accounts at the end of every period.
Microsoft - 3 months
Google - 6 months
Mercado Livre - 6 months