Documentation: Credentials
Flowy credentials
Flowy uniquely classifies credentials, required for accessing various systems or instances, as a distinct object type. This design choice brings several benefits and considerations in terms of security, functionality, and system integrity.
By treating credentials as a separate object type, Flowy ensures a clear demarcation between sensitive and non-sensitive data, which significantly reduces the risk of accidental exposure of credentials. This approach also simplifies the process of managing and changing credentials, making it more efficient and less prone to errors.
One of the key features of Flowy's credential management is the optional encryption of credential values. This feature allows users to add an extra layer of security to their sensitive data. It's worth noting that, intentionally, Flowy does not offer version control for credentials. This decision is a safety measure designed to prevent the potential risk of exposing previous versions of sensitive data, which could still be valuable for unauthorized access or malicious activities.
Note
While Flowy takes robust measures to protect credentials, it's important to be aware of certain security considerations. During the export to a module, specific properties and their values are intentionally omitted for security reasons. This is a deliberate design choice aimed at maintaining the security of the system and the confidentiality of the data. It helps prevent accidental leaks of sensitive information during the export process.
Flowy supports the following credential types:
AWS
tbd
Flowy
Used for authentication against other Flowy instances.
IMAP
tbd
JDBC
The following formats should be used for URL entry:
PostgreSQL
jdbc:postgresql://<host>:<port>/<databaseName>
MySql
jdbc:mysql://<host>:<port>/<databaseName>
Oracle
jdbc:oracle:thin:@<host>:<port>:<databaseName>
Sql Server
jdbc:sqlserver://<host>;databaseName=<databaseName>
JMS
tbd
JWT
tbd
Kafka
tbd
MongoDB
Please enter the URL in the following format:
mongodb://<username>:<password>@host1:port1[,...hostN[:portN]]/<databaseName>?[options]
When attempting to connect to DocumentDB the following steps must be executed upfront:
# download certificates, these depend on the locaton of your server
# eu-west-1 is used throughout this example
wget https://truststore.pki.rds.amazonaws.com/eu-west-1/eu-west-1-bundle.pem
# convert the certificate
openssl x509 -outform der -in eu-west-1-bundle.pem -out eu-west-1-bundle.der
# import the certificate to the default keystore
keytool -import -alias eu-west-1-bundle -keystore $JAVA_HOME/lib/security/cacerts -file eu-west-1-bundle.der
Paymentsense Connect E
tbd
Paymentsense PAC
tbd
Plugin
tbd
RabbitMQ
tbd
Rest
tbd
Script
tbd
Security
tbd
Slack
tbd
SMTP
tbd
Twilio
tbd