Skip to main content
Skip table of contents

Connector credentials

Before Nexthink can export data to any third-party supported tools, you must create and define new credentials to connect and enable such communication and then apply the credentials when configuring an outbound connector such as a webhook or data exporter.

Configuring credentials for the first time

  • Click on the Administration > Connector credentials in the main menu.

The Connector credentials page remains empty till you save the first credential configuration.

If the system does not display the Connector credentials option in the main menu, reach out to Nexthink Support to enable this functionality as it might be hidden.

Accessing Connector credentials

Creating a new credential

From the Administration > Connector credentials page:

  1. Click on the New credential button located in the top-right corner of the Connector credentials page.

  2. Fill out the credential configuration input fields:

Connector credentials for HTTPS

  1. Choose Hypertext Transfer Protocol Secure (HTTPS) from the Protocol drop-down menu.

  2. Add the URL address using the URL of the third-party tool.

    • Ensure it follows the https://{host}:{port}/ format.

    • Select the appropriate authorization type and fill in the input fields.

  3. Save the credential configuration.

The following table includes URL examples for adding the URL address input field.

Each third-party tool constructs the instance URL differently. Refer to the third-party software documentation to verify the URL values you insert.

Third-party Tool

Full URL

Instance URL (credential field)

ServiceNow

https://<instancename>.service-now.com/api/now/table/{tableName}

https://ven01063.service-now.com/

BMC

https://serverName:port/api/arsys/v1/entry/{formName}

https://serverName:port/

Ivanti

https://{tenant url}/api/rest/ServiceRequest/new

https://{tenant url}/

Freshservice

https://api.freshservice.com/v1/#update_ticket_priority

https://api.freshservice.com/

4me

https://api.4me.com/v1/requests

https://api.4me.com/

Jira service desk

https://<instancename>.atlassian.net/rest/servicedeskapi/request

https://<instancename>.atlassian.net/

Supported authorization mechanisms

Choose the authorization mechanism from the Authorization type drop-down and fill in the related input fields:

Basic

For Basic authorizations, enter a username and password to connect to the third-party tool.

Bearer token

For Bearer token authorizations, the Header prefix can be configured manually, but if not defined, the system enters Bearer by default.

Enter an API token in the Token field. These tokens are typically generated by a third-party tool and added automatically to the header when the request is launched.

Bearer token authorization type
OAuth 2.0 - Client credentials

For OAuth 2.0 - Client credentials authorizations, use the Client ID and Client secret to obtain a token instead of the typical username and password. Both values are required.

The token expires and needs to be renewed. Configure the Access Token URL field to automatically request a new token when the current one expires.

Scope is an optional field that lists the operations the system can execute on the target machine, using the client ID and client secret.

OAuth 2.0 - Authorization code

For OAuth 2.0 - Authorization code authorizations, use the client ID and client secret to obtain a token instead of a username and password. Both values are required.

The third-party tool uses a Redirect URL to send the authorization code to Nexthink. Use the copy button to copy and add the redirect URL to the third-party tool.

The token expires and needs to be renewed. Configure the Authorization code URL and Access token URL  fields to automatically request a new token when the current one expires. 

Scope is an optional field that lists the operations the system can execute on the target machine, using the client ID and client secret.

No Auth (None)

For No Auth (None) authorizations, enter the URL to connect to the third-party tool. This is typically used for Incoming webhook URLs.

Connector credentials for SFTP

  • Choose the Secure File Transfer Protocol (SFTP) from the Protocol drop-down menu.

  • Hostname: the hostname of the SFTP server to connect to in the following format sftp://{hostname}:{port}/. The protocol sftp and the port need to be included.

  • SFTP server fingerprint: This helps users and client applications authenticate an SSH or SFTP server and determine whether it's really connecting to the server it was intended to connect to. The supported host key algorithms are the following:

    • rsa-sha2-512

    • rsa-sha2-256

    • ssh-ed25519

    • ecdsa-sha2-nistp256

    • ecdsa-sha2-nistp384

    • ecdsa-sha2-nistp521

    • ssh-rsa is only supported if the underlying hashing algorithm is not SHA1 (deprecated).

Values such as, da:47:93:b4:3a:90:5b:50:1f:20:a8:f9:b7:a1:d0:e1 are not valid for this field.

  • Authorization: BASIC is the default value

  • Username: username to connect to the SFTP server

  • Password: password to connect to the SFTP server

Saving a new credential

Once you fill out the Credentials input fields, Save the configuration to create a new credential.

If needed, Cancel the process of creating a new credential to dismiss the information from the input fields.

The system displays an error message if the credential configuration fields are invalid.

Editing a credential

From the Administration > Connector credentials page:

  1. Click the edit pencil icon on the right side of the credential item from the Credentials table.

    • Once clicked, you are redirected to the credentials configuration page with the pre-filled values.

    • The Token or Password fields remain hidden and cannot be copied for security purposes. See the image below.

  2. Save the edits made to the credential configuration.

    • Cancel any changes and return Connector credentials page.

Deleting a credential

From the Administration > Connector credentials page:

  1. Click the trash bin icon on the right side of the credential item from the Credentials table.

  2. Confirm the deletion from the Delete webhook credential pop-up.

The system removes credentials regardless of having a connector linked to it.


RELATED LINKS

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.