Using authentications
To complete certain tasks, your workflows might need to connect to external services. To allow your workflows to connect to these services, you must create authentications. Authentications provide and store the required authorization credentials for each service.
Creating authentications in the UI
- Make sure that you have permission to view and interact with the Authentications page.
- Open the Authentications page.
- If you are connected to another application, click Workflows.
- In the Concert Workflows sidebar, click Authentications.
The Authentications page opens and the list of authentications is shown. You can search, filter, and sort authentications, and include shared authentications in the list.
- Click + Create Authentication.
- In the dialog, enter a name and, optionally, a description.
- In the Service drop-down, select the external service provider that you want to authenticate to.
- Provide the required authentication credentials for the service.
If you prefer to provide certain credentials later, make them overridable by checking the Overridable checkbox. For example, you might make a credential overridable if you prefer to provide it in the workflow editor via a variable or a hard-coded value. For more information, see Auth Override and Auth Override JSON.
- Optional: Verify that the authentication credentials are valid.
- Click Test authentication.
- Select the worker group that you want to use to test the authentication.
- Click Test.
- Click Create.
The new authentication is shown in the list. By using the options in the Actions menu, you can edit or delete the authentication.
- Clicking Auth and creating an authentication.
- Adding an authentication variable in the Start block.
- Adding authentication key variables in workflow blocks that use authentication.
For more information, see Using authentications in workflows.
Creating authentications via API-generated tokens
By using the Concert Workflows API framework, you can create authentications outside of the UI. This flexibility is useful in certain scenarios. For example, a user might want to create an authentication, but might not want (or might not have permissions) to create it in the UI.
In cases like this, a user can request a authentication creation token from their administrator, then create the authentication themselves by passing the token and the authentication credentials in an API call.
- Replace <host_IP_or_FQDN> with the IP address or (FQDN) of the host where Concert Workflows runs.
- In the API's
serviceNameparameter, provide the name of the service that the user requested and ensure that it matches the name of a service in your Concert Workflows instance. - For more information, see the Swagger API documentation that is available on your instance at: https://<host_IP_or_FQDN>/api
In the API's response body, the access_token parameter value will contain the generated token. Provide this token to the requesting user.
- Replace
<host_IP_or_FQDN>with the IP address or (FQDN) of the host where Concert Workflows runs. - In the API request header, enter
Bearer <token>, replacing <token> with the token value, for example:Bearer asdn1d2189d128dd - In the API request body, provide the authorization credentials in key-value pairs inside the following structure:
{ "data": { <credential key 1>: <credential value 1>, <credential key 2>: <credential value 2>, … … } } - For example:
{ "data": { "protocol": "https://", "host": "127.1.2.3", "username": "myuser", "password": "mypassword" } } - For more information, see the Swagger API documentation that is available on your instance at: https://<host_IP_or_FQDN>/api
A successful response to the API call indicates that the authentication is created successfully, can be viewed in the Authentications UI page, and can be used in workflows to authenticate to your chosen external service.