Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
| Insert excerpt | ||||||||
|---|---|---|---|---|---|---|---|---|
|
This page is for data modellers who need to provide securely-stored credentials to access data via HTTP.
Overview
When importing data via HTTP, you sometimes need to provide authentication to an external site. You can do this by storing There are several options for how to store and then reference the username and password
- as plain text the HTTP datasource instance. This is not secure.
- encrypted within a PhixFlow local secret as 2 key-value pairs, as described below.
- encrypted within a keystore, where the key is generated by PhixFlow and the same key+value is stored in the keystore.
Store Authentication in Plain Text
| Warning |
|---|
This method stores a username and password in plain text in the PhixFlow database. |
Step 1: Store the credentials:
- Open a HTTP datasource properties
- in the HTTP Datasource Instances section add a new instance
- In the instance, enter the details for the Name, Username and Password properties
- Save the properties.
Step 2: Use the credentials:
In an analysis models, the HTTP datasource must have a HTTP collector or HTTP exporter connected to it. Expressions within the HTTP collector and exporter can use the following variables to reference the username and password.
%USERNAME%%PASSWORD%.Store Authentication Encrypted in PhixFlow
To store a username and password encrypted in PhixFlow, configure a key/value pair using the secret key.
You can use the secret key name to refer to the encrypted value in:
- HTTP collectors and exporters → URL Expression or Statement Expression fields in
- HTTP Headers Properties → Basic Settings → Value.
by specifying ${_datasource.key} where key is the Name of the secret key.
When you run analysis, PhixFlow uses the secret key Name to find the key, which finds the encrypted secret. It then provides the de-encrypted value to authenticate to the external site.
To create a key/value pair, in an HTTP datasource properties → Secret Key Details section, click Insert excerpt
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
Secret Key
| Insert excerpt | ||||||||
|---|---|---|---|---|---|---|---|---|
|
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
Basic Settings
| Field | Description | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Name | Enter a name.
${_datasource.key} . | ||||||||||||||||||||||||
| Key | Read-only. When you save the secret key, PhixFlow automatically generates a unique key in this field. The key is a combination of the Name and the internal ID of the HTTP datasource.
| ||||||||||||||||||||||||
| Enabled |
| ||||||||||||||||||||||||
| Secret | Click
When you save the local secret, PhixFlow displays asterisks here to show that the secret value has been encrypted. To edit a secret value, click
To delete a secret value, click
If you don't define a secret, PhixFlow will look for secret in its own secret service or in the keystore. You can save the secret key without adding a secret. In this case, you must add the secret key and a value to the keystore; see Authenticating to a Website and Adding Data to a Keystore. |
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
Local Secret
| Insert excerpt | ||||||||
|---|---|---|---|---|---|---|---|---|
|
| Anchor | ||||
|---|---|---|---|---|
|
| Field | Description | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Key | Read only. The same automatically-generated key in the secret key paired with this local secret. | ||||||||
| Secret | Enter the value that you want to encrypt, such as a password. To switch between displaying or hiding the value, click
PhixFlow encrypts the value when storing it in the database, but when it is required to authenticate to an external site, PhixFlow supplies the unencrypted string. |
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|
The name is what you refer to in an expression. Internally tables
You can have key without a secret
GUI presents it as a name a flag and a secret.
in the properties Name - key, secret
Store Authentication Encrypted in the Keystore
todo-fiona
Define a local key secret and enter keynames
Internal IDs
If you dont put in a local secret
it will look in the keystore
If you have configured a Java keystore Configure a Keystore and Aliases and Adding Data to a Keystore you can use this to store secure credentials instead of using a Local Secret.
If you want to you can use a keystore.
32 digits.password key
32 digits = datasource
Datasource and HTTP Datasource modelling objects have properties → Advanced → Internal ID.
This is a read-only field that provides the database identifier for the datasource.
You can supply a key-value pair to the keystore. However, the username and password key or value requires the datasource ID.
EG. Datasource needs a username XYZ and password ABC
Key datasource1-username - internalIDXYZ
Key datasource1-pw - internalIABC
Why its there is to help with debugging complex issues as requested by support...
Datasource
To reference them, in the expressions, use ${_datasource.key} where key is the key. Using a Secret
To use the username and password
- In an analysis model, connect the HTTP datasource to a HTTP modelling object.
- In the expression within the modelling object, reference the username, password. Expression fields are:
- HTTP collectors and HTTP exporters → URL Expression or Statement Expression
- HTTP Headers Properties → Basic Settings → Value.
| Insert excerpt | ||||
|---|---|---|---|---|
|
| Live Search | ||||||||
|---|---|---|---|---|---|---|---|---|
|
| Panel | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
|
Learn More
For links to all pages in this topic, see Analysis Models for Batch Processing Data.
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|