Credentials
Credentials entered into Therefore™ are encrypted and stored under the central credentials node. Users can reference these credentials while configuring workflow tasks and Referenced Web Services instead of entering the same credentials for multiple tasks.
Users can add new credentials by right-clicking on the node and selecting one of the 'New Credential' options.
New Web Credential
Adds a new web service credential. This type of credential is used in Referenced Web Services, and the Call REST Service task.
New FTP Credential
Adds a credential for accessing an FTP server. This type of credential is used in the Export Document workflow task.
|
Notes: Currently, these FTP servers cannot be used in the Therefore™ Content Connector to import files. |
New Folder
Administrators can create folders below the Credentials node to structure the credentials, and for inheritance of security.
Configuring Web Credentials
All web service configuration options include the Credential ID and the Base URL.
Credential ID
The ID used by administrators when selecting the credential to be referenced in other objects, such as workflow tasks. It must be unique across all web services in the system.
Therefore™ also automatically assigns a unique ID it uses to reference the credential - this ID is displayed on the bottom of the dialog.
Base URL
The base URL of the web service. The credentials or tokens can only be sent to this base URL.
Type
Select the type of web service credential that should be configured from the drop-down list. The options available below will change depending on the type of credential selected. The available types are: Basic, Bearer Token, OAuth – Authorization Flow, and OAuth – Client Credentials.
Basic Type
The following settings are available for configuring the Basic credential type.
Username
The username used to authenticate against the provider.
Password
The password used to authenticate against the provider.
Bearer Token
The following settings are available for configuring the Bearer Token credential type.
Bearer Token
Copy the bearer token issued by the provider into this field.
OAuth - Authorization Flow
This option uses Proof Key for Code Exchange (PKCE) for authentication. Authorization via this credential type retrieves an authorization code and exchanges it for an access token.
The following settings are available for configuring the OAuth – Authorization Flow credential type.
Auth URL
The endpoint for the API provider authorization server to retrieve the authorization code.
Access Token URL
The API endpoint used to retrieve an access token.
Client ID
The client ID of the OAuth M2M application used for REST calls. The OAuth client ID used to generate an access token.
Client Secret
The client secret of the OAuth M2M application used for REST calls. The OAuth client secret is used to generate an access token.
Scope
Optional parameter. If permission scopes are defined in OAuth they can be specified here.
Resource
Optional parameter. If multiple APIs are available setting this parameter specifies the resource a token should be retrieved from.
Client Authentication
Choose how to send the client credentials. The choices are 'Send as Basic Auth Header' or 'Send Client Credentials in Body'.
Authorize using Browser
Authenticate using the system browser.
Authenticate
Clicking the Authenticate button will start a call to retrieve an access token from OAuth.
OAuth - Client Credentials
This credentials type shares its with 'OAuth - Authorization flow'. However, it does not include using an access code so the relevant settings are not available.
|
Note: Refresh Tokens With OAuth, refresh tokens may change with every call. For that reason, Therefore™ uses the credential store up to the point the refresh token is retrieved, and returns it to the task. |
Configuring FTP Credentials
FTP credentials share some settings, such as the Credential ID, with web credentials. In addition, the following settings are available.
Host
The host domain of the FTP service.
Port
The port used to connect to the FTP service.
Connection Type
Select between FTP, FTPS, and SFTP.