Set up a digest-based HTTP connection

You can build integrations with apps that use the HTTP application connector, even if the specific app connector is not already provided by integrator.io.

Before creating the connection, review your app’s API guide. It will provide the information you need, such as the kind of authentication that the app requires and its URI. Every app puts its documentation – guides and reference material – in different places. You can often find it by searching for “API guide” or “API documentation” on the company’s website.

Tip: Some companies put their documentation on third-party sites. If you can’t find the guide on their website, you can also try a web search.

Why choose digest authentication?

Although the HTTP/1.0 protocol includes a basic authentication scheme, this is not considered to be a secure method of user authentication, as the username and password are passed over the network in an unencrypted form. The digest authentication type, on the other hand, does not send the password in plain text, thus avoiding the most serious flaw of basic authentication. However, it does not meet all security needs and does not encrypt message content.

Contents

• A. Set up an HTTP connection
• B. Provide general HTTP connection settings
• C. Edit digest auth settings
• D. Edit common HTTP settings
• E. Save, test, and authorize

A. Set up an HTTP connection

Start establishing the universal, or generic, HTTP connection in either of the following ways:

• Select Connections from the Resources menu.

• Next, click + Create connection at the top right. In the resulting Create source panel, select HTTP from the Application list, under the Universal connectors group.

• While working in a new or existing integration, you can add an application to a flow simply by clicking Add source or Add destination/lookup. From the Application list, under Universal connectors, select HTTP.

• After the HTTP Application is added, click the Connection setting’s + button to proceed.

B. Provide general HTTP connection settings

Name (required): Provide a clear and distinguishable name. Throughout integrator.io imports and exports, you will have the option to choose this new connection, and a unique identifier will prove helpful later when selecting among a list of connections that you’ve created.

Application (required, non-editable): A reminder of the app you’re editing. 

Mode (required): Select one of the following options:

• Cloud to connect to a publicly accessible server application
• On-premise to connect to a server that is publicly inaccessible and has integrator.io agent installed on it

Agent (required, if On-premise selected for Mode; otherwise not displayed): Select an agent from the list. To connect to an on-premise application, integrator.io requires that an agent be installed on a networked computer. An agent is a small application that allows you to connect to data behind your firewall. When installing an agent, you will specify a unique access token, which then populates the Agent drop-down list. The installed agents connect to integrator.io and establish a reverse SSH tunnel, allowing secure communication without the need to whitelist integrator.io IP addresses in your firewall settings. A single agent can be used by multiple different connections.

C. Edit digest auth settings

Continuing in the Create connection panel, select Digest for the Auth type. At a minimum, you must provide your username and password to establish a connection with digest authentication: 

Username (required): Enter the digest authentication username for the server. The username and password information will be used in generating the digested string and added in the Authorization header during API calls.

Password (required): Enter the password for this account. Multiple layers of protection are in place, including AES 256 encryption, to keep your connection’s password safe. When editing this form later, you must enter this value again; it is stored only when the connection is saved and never displayed as text. 

Override HTTP status code for auth errors (optional): Provide an alternate status code if the HTTP status code for auth errors returned by this app is not the standard 401. For example, for an API that returns a generic 400 status code, enter 400 and then specify the field in the HTTP response body that indicates auth errors.

Path to auth error field in HTTP response body (optional): If the API returns a field that contains auth errors in the HTTP response body, enter the JSON path to that field. For example, when an API returns the field errorMessage with the value Auth failed, then enter errorMessage as the path.

Auth error values (optional): If you supplied a fail path above, enter the exact values that the API will return to indicate auth errors. Separate multiple values with commas.

D. Edit common HTTP settings

Additional HTTP settings are found in the other sections in the Create connection pane (optional sections are collapsed by default):

• Application details
• Nonstandard API rate limiter
• How to test this connection?
• Advanced

For complete documentation of these settings, see Fundamentals of HTTP connections.

E. Save, test, and authorize

Once you have configured the HTTP connection, you have a few options for continuing:

• Save – click this button to test the connection, commit the new connection so that it will be available to all integrations for your account
• Save & close – click to test and save the connection and exit the Create connection pane
• Close – click to exit without saving any new changes
• Test connection – click this button to verify that your new connection is free of errors

When you test or save the connection, it is verified before continuing. 

If the connection fails, double-check the provided settings, and test again.