All Collections
Settings
Use of Accounts
Use of Accounts

Know what they are and how to use them.

Micaella Mazoni avatar
Written by Micaella Mazoni
Updated over a week ago

IMPORTANT: This documentation has been discontinued. Read the updated Use of Accounts documentation on our new documentation portal.

Accounts

Whenever you need to use a password, private key, authentication token, among others, we strongly recommend you to use an account registered in the Platform. That way your data is encrypted and doesn't get exposed during the integration execution.

Types of Accounts

Basic

Go for this type of account when you use a component or service that needs an user/password authentication.

  • USERNAME: name of the user

  • PASSWORD: password

Custom Auth Header

Go for this type of account when some endpoint needs a custom authentication header.

  • HEADER-NAME: name of the header

  • HEADER-VALUE: value of the header

OAuth Bearer

Go for this type of account when you need to store an OAuth-type token. The token will be assigned to the "Authorization" parameter in the request header.

  • TOKEN: OAuth token

Private Key

Type of account that stores a private key.

Example: 

-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgF2duc4+xxNKlMO9bUud4bzGnuATkQVX3bM/gzxISrgw7B1AzJwA
OT5UChBoIKfmISaaVVY9+/fTpI1szihSqTyemdHnbC+FcDzoK3p53C5ZJ4pL7s+G
Y7vGEa2Z/6JVder6dwJaaOtwf+DfZYiWQjvh8tfAVjVdONE/XZSxOOofAgMBAAEC
-----END RSA PRIVATE KEY-----

  • KEY: private key

  • PASSPHRASE: password of the private key

Public Key

This type of account stores a public key.

Example:

-----BEGIN PUBLIC KEY-----
MIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgF2duc4+xxNKlMO9bUud4bzGnuAT
kQVX3bM/gzxISrgw7B1AzJwAOT5UChBoIKfmISaaVVY9+/fTpI1szihSqTyemdHn
-----END PUBLIC KEY-----

  • KEY: public key

Certificate Chain

Sets a chain of certificates. It's used for endpoints that need 2 way SSL authentication or a certificate from the client. The certificate chain must be provided in the correct order and pem format.

To convert your key, you can do it through OpenSSL via the command line, e.g: openssl pkcs12 -in mycert_xpto.p12 -out myapp.pem

Example:

-----BEGIN CERTIFICATE----- 
MIIEUTCCAzmgAwIBAgIBATANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJVUzEj
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
MIIEUTCCAAGVDSHVEbjhdbhjsjeiejAQUFADBSMQswCQYDVQQGEwJVUzEj
-----END CERTIFICATE----- 
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgF2duc4+xxNKlMO9bUud4bzGnuATkQVX3bM/gzxISrgw7B1AzJwA
-----END RSA PRIVATE KEY-----

  • CHAIN: complete chain of certificates

  • PASSWORD: password of private key, if necessary

Google Key

Service key to access Google APIs.

Example:

{
  "type": "service_account",
  "project_id": "project_id",
  "private_key_id": "dfdsfrfr43r43r4refbcceceabf8055a12a",
  "private_key": "-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----\n",
  "client_email": "[email protected]",
  "client_id": "123456576788888899",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/storage%40project.iam.gserviceaccount.com"
}

  • KEY: Google key

  • SCOPES: scopes necessary to access determined API (separated by comma). To know more about Google scopes, click here.

Kerberos

Account that stores the Keytab for authentication in environments that use Kerberos.

  • KEYTAB: base64 of the Keytab file

  • PRINCIPAL: user of this Keytab (eg.: user@DOMAIN)

SMTP Auth And Properties

Account used for Mail Connector only. It sets that access data to the SMTP server to send emails.

  • HOST: name of the SMTP server host

  • PORT: access port to the SMTP server

  • USERNAME: email of the user

  • PASSWORD: password of the email

  • STARTTLS_ENABLE: “true” or “false” values - if “true”, the access will be via SSL.

  • AUTH: authentication type of the email server

OAuth 2

OAuth is an open pattern for authorization, commonly used to allow Internet users to logon in other websites using their accounts from Google, Microsoft, etc. without exposing the passwords. OAuth gives them a "delegated secure access" to the server resources on the name of the resource owner.

  • PROVIDER: OAuth provider

  • SCOPES: OAuth access scopes

We support the following providers:

  • Microsoft: the "offline_access" scope is mandatory to use the it in Digibee Platform. It is important to remember that this provider accepts only personal accounts.

  • Google

  • Mercado Livre

Secret Key

Secret key used for encryption components.

  • KEY: secret key

API Key

Account that sets an API Key to be used in endpoints that need an API Key.

  • URL-PARAM-NAME: name of the query parameter in which the set API Key will be used

  • API-KEY: value of the API Key to be used

IMPORTANT: The following providers set an expiration period for their authentication tokens. For that reason, it is necessary to update the configurations of your Accounts at the end of every period.

Microsoft - 3 months
Google - 6 months
Mercado Livre - 6 months

Related Articles
Kafka - Component
Kafka Trigger
JWT
Google IAP Token
New OAuth2 Architecture
Did this answer your question?