Authentication Profiles

NOTE   You need an active webhooks subscription plan to create and manage authentication profiles.

>What Is an Authentication Profile?

>Prerequisites for Creating an Authentication Profile

>Types of Authentication Profiles

>Creating an Authentication Profile

>Actions for Authentication Profiles

 

>About Webhooks
See Webhooks

What Is an Authentication Profile?

An authentication profile contains the authentication and authorization information required to access client applications or services.

You associate an authentication profile of a client application with a Sentinel EMS webhook to deliver the event data. When webhooks send the event data to the client application, the authorization information is included in the header of the HTTP request. This secures the data exchange between client applications and webhooks.

Prerequisites for Creating an Authentication Profile

The vendor user must have administrative rights in Sentinel EMS.

Types of Authentication Profiles

Sentinel EMS supports two types of authentication profiles for webhooks:

>Basic Auth: Basic Authentication (Basic Auth) requires vendor users to provide the user name and password of the client application when creating a webhook subscription. When sending the event data, the user name and password are included in the header of the HTTP request.

>OAuth: OAuth requires an authentication token issued by an authorization server to connect to the client applications. The client application checks the authentication token when accepting the HTTP request. To configure OAuth, you need to provide the following information:

Client ID and Client Secret: These are similar to user name and password. Webhooks use these to request an authentication token from the authorization server of the client.

Access Token URL: The URL of the authorization server from which webhooks request the authentication token.

Creating an Authentication Profile

You create an authentication profile from the Authentication Profiles page. To create an authentication profile:

1.From the navigation pane, select Configuration > Authentication Profiles to view the Authentication Profiles page.

2. Click Add Authentication Profile. The Add Authentication Profile page opens.

The attributes that you define for an authentication profile vary according to the type—Basic Auth or OAuth.

Basic Auth

OAuth

3.Fill in the profile attributes (described in the next section), and click Save.

Authentication Profile Attributes

The following table explains the attributes that are used to create an authentication profile:

Attribute Description Required/Optional Valid Values
Profile Name Unique name of the authentication profile.

Required

>Alphanumeric

>Special characters: ! @ # $ % ^ & * ( ) ~

>Up to 200 characters

Type

Type of authentication profile, which specifies the authentication method used by Sentinel EMS to authenticate client requests when working with the Sentinel EMS REST API Reference application.

Possible values:

>Basic Auth: Requires you to specify verified user name and password with your request.

>OAuth: Uses the Client Credentials grant type. This requires you to specify client ID, client secret, and access token URL with your request.

Required

>Basic Auth OR OAuth

>Default: Basic Auth

Basic Auth
User Name User name for the client application. Required

>Alphanumeric

>Up to 100 characters

Password Password for the user name you provided. Required

>Up to 100 characters

Profile Validation

Specifies whether to validate the authentication profile.

>When set to Yes, Sentinel EMS creates the authentication profile only after validating the profile information, by sending a basic authentication request to the server specified in the Validation URL.

>When set to No, Sentinel EMS creates the authentication profile without validating the profile information.

Optional

>Yes OR No

>Default: Yes

Validation URL

Available only when Profile Validation is Yes.

The URL that is used to validate the authentication profile of the client.

Required

>Alphanumeric

>Up to 2000 characters

OAuth Specify OAuth details that a client requires to request an authentication token from the authorization server.

Client ID The public identifier of an application or service. Required

>Alphanumeric

>Up to 200 characters

Client Secret

 

A secret that is confidential to the application and the authorization server.

Required

>Alphanumeric

>Up to 500 characters

Access Token URL

URL of the authorization server that issues the token using the client ID and client secret. A request is sent to this URL with the given credentials.

Required

>Alphanumeric

>Up to 2000 characters

Scope Specifies the access permissions for an authentication profile. Optional Alphanumeric

Profile Validation

Specifies whether to validate the authentication profile.

>When set to Yes, Sentinel EMS creates the authentication profile only after validating the profile information.

>When set to No, Sentinel EMS creates the authentication profile without validating the profile information.

Optional

>Yes OR No

>Default: Yes

Actions for Authentication Profiles

The following table lists the actions available for authentication profiles:

Action Description
Edit button Edit

Updates an existing authentication profile. When editing, Profile Validation is always set to Yes, even if the pre-existing value is No. You can change this to No if needed.

For details on editing authentication profiles, see Editing an Entity.

Delete button Delete

Deletes an authentication profile. You cannot delete an authentication profile if it is associated with one or more webhooks.