Use JWT (JSON Web Token) as a secure digital pass to improve your app’s identity for OAuth specification. You can generate secure JWT tokens by signing in using signature methods such as RSA-SHA and HMAC-SHA. Then, you can utilize these JWT tokens or access tokens to invoke your APIs securely.
A. Set up an HTTP connection
Start establishing the universal, or generic, HTTP connection in either of the following ways:
- Select Connections from the Resources menu.
Next, click + Create connection at the top right. In the resulting Create source panel, select HTTP from the Application list, under the Universal connectors group.
- While working in a new or existing integration, you can add an application to a flow simply by clicking Add source or Add destination/lookup. From the Application list, under Universal connectors, select HTTP.
- After the HTTP Application is added, click the Connection setting’s + button to proceed.
B. Provide general HTTP connection settings
Name (required): Enter a clear and distinguishable name. Throughout integrator.io imports and exports, you will have the option to choose this new connection. A unique identifier will prove helpful later when selecting it from a list of the connections in your account.
Application (required, non-editable): A reminder of the app you’re editing.
Mode (required): Select one of the following options:
- Cloud to connect to a publicly accessible server application
- On-premise to connect to a server that is publicly inaccessible and has integrator.io agent installed on it
Agent (required, if On-premise selected for Mode; otherwise not displayed): Select an agent from the list. To connect to an on-premise application, integrator.io requires that an agent be installed on a networked computer. An agent is a small application that allows you to connect to data behind your firewall. When installing an agent, you will specify a unique access token, which then populates the Agent drop-down list. The installed agents connect to integrator.io and establish a reverse SSH tunnel, allowing secure communication without the need to whitelist integrator.io IP addresses in your firewall settings. A single agent can be used by multiple different connections.
C. Edit JWT bearer settings
Continuing in the Create connection panel, select JWT bearer for the Auth type. The settings then become specific to the JWT bearer authentication type.
As with all universal API connections, the parameters are unique to the vendor’s conventions. Before proceeding, review the developer documentation and your account settings.
Signature method (required): Select the required method to sign the API call. For HMAC signature options, the secret key appears. For all other options, a private key is required.
Secret key (required, HMAC only): Use this key as a secret password that generates the JWT signature.
Private key (required, non-HMAC only): Copy the private key from the portal you want to use to authenticate the connection. Before you add it to integrator.io, you must replace all newline characters (\n) throughout the private key. The private key must be in PEM format. You can convert PFX certificates or convert from a PPK file.
- Paste the private key into a text editor.
- Find \n.
- Delete the \n characters and press Enter or Return. Repeat this for each instance of \n.
- Ensure -----BEGIN PRIVATE KEY----- appears before the key, and -----END PRIVATE KEY----- appears after the key.
- Copy and paste the reformatted private key (including the begin and end declarations) into integrator.io.
Payload (required): The JSON object contains the message sent to the application. This is used along with the secret key to ensure no alteration to the message along the way.
JWT headers (optional): The JWT header is a JSON object that typically consists of two properties:
- alg (Algorithm): Specifies the algorithm used to sign the token. It can be HMAC SHA256, RSA SHA256, or others, depending on the chosen cryptographic algorithm.
- typ (Type): Indicates the token type, typically set to "JWT" for JSON Web Tokens.
D. Edit common HTTP settings
Additional HTTP settings are found in the other sections in the Create connection panel (optional sections are collapsed by default):
- Application details (contains the required settings Base URI and Media type)
- Non-standard API rate limiter
- How to test this connection?
- Advanced
For complete documentation of these settings, see Fundamentals of HTTP connections.
E. Save and test the connection
Once you have configured the HTTP connection, you have a few options for continuing:
- Save – click this button to test the connection, commit the new connection so that it will be available to all integrations for your account
- Save & close – click to test and save the connection and exit the Create connection panel
- Close – click to exit without saving any new changes
- Test connection – click this button to verify that your new connection is free of errors
When you test or save the connection, it is verified before continuing.
If the connection fails, double-check the provided settings, and test again.
Comments
Please sign in to leave a comment.