Skip to main content

Credentials component

Provides authentication and authorization credentials for components connecting to secured resources (HTTP, Streaming, etc.). Secured information is never stored as part of the configuration of this component. It encodes the parameters required for connector components to formulate the secured requests to Kelp Data Gateway.

https://kroki.io/svgbob/svg/eNpT0NPFBHpcCjUKQOBclJqSmleSmZhTDOLWAIWxqK6BqgaCZCQN-bpcCupYlKsDALpkGXw=

Out-ports#

credentials JSON Returns encoded security instructions that are used by connector components to make secured requests.

Overview#

Credentials component is used to set up a connection to a secured resource. Its purpose is to allow user to configure the connection and pass the necessary parameters to compatible components in a standard and convenient way. Connector components with credentials input port are compatible with Credentials component, e.g. HTTP, Streaming, and others.

Security tokens generated for a configured secured resource are never stored as part the app schema. All secured and sensitive data is stored in a secured Vault and never returned back to the client. Credentials component in this case works as a mediator between the app and secured Vault. Learn more about Connecting to Data.

The credentials output port of the Credentials component should be always connected to the credentials input port of the compatible components.

Settings#

Configuration of the Credentials component is a simple process but involves several steps. If you're not sure what all of these steps mean, then its better to start from learning more about security and how Connecting to Data works in Kelp.

Connection#

Select the pre-configured connection from the list. If you need to create new connection then click on "Create New" button and come back after the new connection is created.

Token Grant Method#

Applicable only for OAuth 2.0 and OIDC types of connections.

Choose what type of grant method to obtain access token is required for your connection:

  • Client credentials grant is suitable for machine-to-machine authentication where a specific user’s permission to access data is not required and authorization server issues an access token directly.
  • Authorization code grant method is used when user should authorize service to get access to the data. When this method is selected, authorization server returns an authorization code that should be exchanged for an access token.
tip

Check the target API documentation to find out what type of grant method is applicable.

If you select Authorization code grant method, you will need to authorize the requests to the secured resource and get an access token. Please provide scopes that you want to limit the access to. Follow the steps in the documentation of the target API to complete authorization.

Token Placement#

Select whether the access token is placed in the request header or as a query parameter. This setting overwrites default token placement, which is set up during Connection configuration.

Parameter Name#

Specify parameter key value. Authorization is the default keyword.

Parameter Value#

Specify parameter value, Bearer {token} is set by default.

tip

Parameter name and value are usually provided during Connection setup, however you can override them when configuring this component.

Related#

HTTP Connecting to Data

Learn More#

OAuth 2.0 - OAuth

OpenID Connect | OpenID