Example: Using custom authentication and authentication renewal (refresh)

Edit online
Disclaimer: Veeva Vault is an external, third‑party application. IBM is not affiliated with Veeva Systems Inc., does not endorse Veeva Vault, and makes no representations or warranties about its services or APIs. Any references to Veeva Vault in this topic are for illustration only. Verify all behaviors, endpoints, limits, and terms with the official Veeva Vault documentation before use.

This topic shows how to configure the Veeva Vault connector in the Connector Development Kit to:

  • Obtain a session ID by calling the Veeva Vault login endpoint, and save it as the connector’s token.
  • Use the session ID on subsequent API calls in the Authorization header (as a Bearer token), as supported by the Veeva API.
  • Configure an authentication renewal (refresh) step so Connector Development Kit can regenerate the session ID and retry failed requests (for example, on HTTP 401).

Step 1: Define connection properties

In your connector’s Connection property configuration tab, create the following properties:
  • Vault DNS (string, required): The DNS of the target Vault (for example, myvault.veevavault.com).
  • API version (string, required): The target API version (for example, v24.3).
  • Username (string, required, secret): The vault username.
  • Password (string, required, secret): The vault password.
  • Token or Session ID (string, hidden): A hidden property that stores the Veeva sessionId for runtime (Connector Development Kit uses this to populate the Authorization header on subsequent calls).

Step 2: Configure custom authentication (token) step

  1. Open the Custom authentication configuration tab, then click Add custom authentication step +.
  2. Complete the following fields:
    • Step title: Custom authentication step 1.
    • URL: https://{vaultDNS}/api/{version}/auth

      Use your connection properties to map {vaultDNS} and {version}.

    • Method: POST.
    • Content type: application/x-www-form-urlencoded.
    • Request properties (Body):
      • username: Map to connection property Username.
      • password: Map to connection property Password.
    • Response mapping:
      • Response property: sessionId
      • Located in: BODY
      • Target variable name: The hidden Token or Session ID property (used by runtime).
  3. Click the Configure button to save the step, then review the quick view to confirm the URL, method, and parameter mappings.

Step 3: Configure authentication renewal (refresh) step

  1. Open the Authentication renewal configuration tab.
  2. Click the Copy custom authentication step to copy the token step you created in step 2.
  3. Set the URL value to https://{vaultDNS}/api/{version}/refresh.
  4. Click the Configure button to save the step, then review the quick view to confirm the URL, method, and parameter mappings.

Overview and demo in Connector Development Kit

Animation showing Veeva Vault connector in Connector Development Kit

Testing and verification

  1. Create a connection to the application. For more information, see Managing application connections.
  2. Force or simulate a 401 (unauthorized) error to confirm Connector Development Kit runs the authentication renewal step, updates the token store, and retries successfully.