Authentication Profiles
NOTE You need an active webhooks subscription plan to create and manage authentication profiles.
|
>What Is an Authentication Profile? >Prerequisites for Creating an Authentication Profile >Types of Authentication Profiles |
>About Webhooks
|
What Is an Authentication Profile?
An authentication profile contains the authentication and authorization information required to access client applications or services.
You associate an authentication profile of a client application with a Sentinel EMS webhook to deliver the event data. When webhooks send the event data to the client application, the authorization information is included in the header of the HTTP request. This secures the data exchange between client applications and webhooks.
Prerequisites for Creating an Authentication Profile
The vendor user must have administrative rights in Sentinel EMS.
Types of Authentication Profiles
Sentinel EMS supports two types of authentication profiles for webhooks:
>Basic Auth: Basic Authentication (Basic Auth) requires vendor users to provide the user name and password of the client application when creating a webhook subscription. When sending the event data, the user name and password are included in the header of the HTTP request.
>OAuth: OAuth requires an authentication token issued by an authorization server to connect to the client applications. The client application checks the authentication token when accepting the HTTP request. To configure OAuth, you need to provide the following information:
•Client ID and Client Secret: These are similar to user name and password. Webhooks use these to request an authentication token from the authorization server of the client.
•Access Token URL: The URL of the authorization server from which webhooks request the authentication token.
Creating an Authentication Profile
You create an authentication profile from the Authentication Profiles page. To create an authentication profile:
1.From the navigation pane, select Configuration > Authentication Profiles to view the Authentication Profiles page.
2. Click Add Authentication Profile. The Add Authentication Profile page opens.
The attributes that you define for an authentication profile vary according to the type—Basic Auth or OAuth.
Basic Auth
OAuth
3.Fill in the profile attributes (described in the next section), and click Save.
Authentication Profile Attributes
The following table explains the attributes that are used to create an authentication profile:
| Attribute | Description | Required/Optional | Valid Values |
|---|---|---|---|
| Profile Name | Unique name of the authentication profile. |
Required |
>Alphanumeric >Special characters: ! @ # $ % ^ & * ( ) ~ >Up to 200 characters |
| Type |
Type of authentication profile, which specifies the authentication method used by Sentinel EMS to authenticate client requests when working with the Sentinel EMS REST API Reference application. Possible values: >Basic Auth: Requires you to specify verified user name and password with your request. >OAuth: Uses the Client Credentials grant type. This requires you to specify client ID, client secret, and access token URL with your request. |
Required |
>Basic Auth OR OAuth >Default: Basic Auth |
| Basic Auth | |||
| User Name | User name for the client application. | Required |
>Alphanumeric >Up to 100 characters |
| Password | Password for the user name you provided. | Required |
>Up to 100 characters |
| Profile Validation |
Specifies whether to validate the authentication profile. >When set to Yes, Sentinel EMS creates the authentication profile only after validating the profile information, by sending a basic authentication request to the server specified in the Validation URL. >When set to No, Sentinel EMS creates the authentication profile without validating the profile information. |
Optional |
>Yes OR No >Default: Yes |
| Validation URL |
Available only when Profile Validation is Yes. The URL that is used to validate the authentication profile of the client. |
Required |
>Alphanumeric >Up to 2000 characters |
|
OAuth Specify OAuth details that a client requires to request an authentication token from the authorization server. |
|||
| Client ID | The public identifier of an application or service. | Required |
>Alphanumeric >Up to 200 characters |
|
Client Secret
|
A secret that is confidential to the application and the authorization server. |
Required |
>Alphanumeric >Up to 500 characters |
| Access Token URL |
URL of the authorization server that issues the token using the client ID and client secret. A request is sent to this URL with the given credentials. |
Required |
>Alphanumeric >Up to 2000 characters |
| Scope | Specifies the access permissions for an authentication profile. | Optional | Alphanumeric |
|
Profile Validation |
Specifies whether to validate the authentication profile. >When set to Yes, Sentinel EMS creates the authentication profile only after validating the profile information. >When set to No, Sentinel EMS creates the authentication profile without validating the profile information. |
Optional |
>Yes OR No >Default: Yes |
Actions for Authentication Profiles
The following table lists the actions available for authentication profiles:
| Action | Description | |
|---|---|---|
|
Edit |
Updates an existing authentication profile. When editing, Profile Validation is always set to Yes, even if the pre-existing value is No. You can change this to No if needed. For details on editing authentication profiles, see Editing an Entity. |
|
Delete |
Deletes an authentication profile. You cannot delete an authentication profile if it is associated with one or more webhooks. |