Skip to main content
Skip table of contents

Connector credentials

Before Nexthink can export data to any third-party supported tools, you must create and define new credentials to connect and enable such communication and then apply the credentials when configuring an outbound connector such as a webhook or data exporter.

Configuring credentials for the first time

Follow these steps to access the Connector credentials page:

  • Click on the Administration icon in the main menu.

  • Click on Connector credentials.

Accessing Connector credentials

If the Connector credentials is not displayed in the menu, reach out to Nexthink Support to enable this functionality as it might be hidden.

When the Connector credentials page is accessed for the first time, it displays an empty list. As soon as a credential is created, it is listed on this page, and a total number of existing credentials is also displayed.

Creating a new credential

The following steps will take you through the process of creating a new credential:

  • Click on the New credential button located in the upper-right corner of the screen to create a new entry.

  • Fill out the Edit credential form.

The following points describe the items in the form:

Refer to the in-product documentation for more information. You can find it in the right-side menu.

Connector credentials for HTTPS

Choose Hypertext Transfer Protocol Secure (HTTPS) from the protocol drop-down menu. Configure the URL address using the URL of the third-party tool. Ensure it follows the https://{host}:{port}/ format. Finally pick the appropriate authorization type.

Examples of URLs

Third-party Tool

Full URL

Instance URL (credential field)










https://{tenant url}/api/rest/ServiceRequest/new

https://{tenant url}/



Jira service desk



Each third-party tool construct the instance URL in a different way. Please refer to the third-party software documentation to ensure that the values you insert are correct.

Supported authorization mechanisms

There are different types of authorization mechanisms supported by the credentials feature, which you can choose with the Authorization type drop-down list.

No Auth (None)

Enter the URL to connect to the third-party tool. This is typically used for Incoming webhook URLs.


Enter a username and password to connect to the third-party tool.

Bearer token

The Header prefix can be configured manually, but if it is not defined, the system enters Bearer as the default value.

Enter an API token in the Token field, typically generated by the third-party tool. It is added automatically into the header when the request is launched.

Bearer token authorization type

OAuth 2.0 - Client credentials

Use the client ID and client secret to obtain a token instead of the typical username and password. Both values are required.

The token has an expiration period and needs to be renewed. You must configure the Access Token URL field to automatically request a new token when the current one has expired.

Scope is an optional field. It details the operations that the system using the client ID and client secret can execute on the target machine.

OAuth 2.0 - Authorization code

Use the client ID and client secret to obtain a token instead of a username and password. Both values are required.

The third-party tool uses a redirect URL to send the authorization code to Nexthink. Use the copy button to copy and add the redirect URL to the third-party tool.

The token has an expiration period after which it must be renewed. You must configure the Authorization code URL and Access token URL  fields to automatically request a new token when the current one has expired. 

Scope is an optional field that lists the operations that the system using the client ID and client secret can execute on the target machine.

Connector credentials for SFTP

  • Choose the Secure File Transfer Protocol (SFTP) from the Protocol drop-down menu.

  • Hostname: the hostname of the SFTP server to connect to in the following format sftp://{hostname}:{port}/. The protocol sftp and the port need to be included.

  • SFTP server fingerprint: Key fingerprints are an important security feature that helps users and client applications authenticate an SSH or SFTP server. Also, it helps the client application determine whether it's really connecting to the server it was intended to connect to. The values supported can start either with ecdsa-sha2 or ssh-rsa.

Values such as, da:47:93:b4:3a:90:5b:50:1f:20:a8:f9:b7:a1:d0:e1 are not valid for this field.

  • Authorization: BASIC is the default value

  • Username: username to connect to the SFTP server

  • Password: password to connect to the SFTP server

Saving a new credential

Once the form has been completed, click on the Save button to save it. If all goes smoothly, you will be redirected to the Credentials page with the list of existing credentials. The new credential should be part of the list.

If there is a configuration mistake, the user interface displays an error message box at the top of the page, reporting the problematic fields.

Click on Cancel to stop the process of creating a new credential and return to the list of Credentials without saving the information in the form.

Editing a credential

You can update a credential by selecting the pencil icon located on the right side of the credential entry on the Credentials list.

Once clicked, you are redirected to the credentials form with pre-filled values for the credential.

The values that appear hidden in the Token or Password fields cannot be copied as they don’t represent the real values for these fields. This has been done for security purposes.

By clicking the Save button, the current values of the credential are updated, and you are redirected back to the Credentials page.

By clicking the Cancel button, you return to the list of credentials without changing the values.

Deleting a credential

If a credential is no longer needed or valid, it can be removed using the trash bin icon on the right side of each credential in the list.

When the trash icon is clicked, a pop-up opens to confirm the delete action.

To confirm, click on the Ok button. The credential will be removed regardless of having a connector linked to it.

Click Cancel if you wish to abort the operation.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.