Connector credentials
Last updated
Last updated
Before Nexthink can export data to any third-party supported tools, you must create and define new credentials to connect and enable such communication and then apply the credentials when configuring an outbound connector such as a webhook or data exporter.
Click on the Administration > Connector credentials in the main menu.
The Connector credentials page remains empty until you save the first credential configuration.
If the system does not display the Connector credentials option in the main menu, reach out to Nexthink Support to enable this functionality as it might be hidden.
From the Administration > Connector credentials page:
Click on the New credential button located in the top-right corner of the Connector credentials page.
Fill in the credential configuration input fields:
Name: The unique name of the credential.
Protocol options:
Hypertext Transfer Protocol Secure (HTTPS). Refer to the Connector credentials for HTTPS section below.
Secure File Transfer Protocol (SFTP). Refer to the Connector credentials for SFTP section below.
Choose Hypertext Transfer Protocol Secure (HTTPS) from the Protocol drop-down menu.
Add the URL address using the URL of the third-party tool.
Ensure it follows the https://{host}:{port}/
format.
Select the appropriate authorization type and fill in the input fields.
Save the credential configuration.
The following table includes URL examples for adding the URL address input field.
Each third-party tool constructs the instance URL differently. Refer to the third-party software documentation to verify the URL values you insert.
Third-party tool | Full URL | Instance URL (credential field) |
---|---|---|
ServiceNow |
|
|
BMC |
|
|
Ivanti |
|
|
Freshservice |
|
|
4me |
|
|
Jira Service Desk |
|
|
Choose the authorization mechanism from the Authorization type drop-down and fill in the related input fields according to the type:
Basic authorizations: Enter a username and password to connect to the third-party tool.
Bearer token authorizations: The Header prefix can be configured manually, but if not defined, the system enters Bearer by default.
Enter an API token in the Token field. These tokens are typically generated by a third-party tool and added automatically to the header when the request is launched.
OAuth 2.0 - Client credentials authorizations: Use the Client ID and Client secret to obtain a token instead of the typical username and password. Both values are required.
The token expires and needs to be renewed. Configure the Access Token URL field to automatically request a new token when the current one expires.
Scope is an optional field that lists the operations the system can execute on the target machine, using the Client ID and Client secret.
OAuth 2.0 - Authorization code authorizations: Use the client ID and client secret to obtain a token instead of a username and password. Both values are required.
The third-party tool uses a Redirect URL to send the authorization code to Nexthink. Use the copy button to copy and add the redirect URL to the third-party tool.
The token expires and needs to be renewed. Configure the Authorization code URL and Access token URL fields to automatically request a new token when the current one expires.
Scope is an optional field that lists the operations the system can execute on the target machine, using the client ID and client secret.
No Auth (None) authorizations: Enter the URL to connect to the third-party tool. This is typically used for Incoming Webhook URLs.
Choose the Secure File Transfer Protocol (SFTP) from the Protocol drop-down menu.
Hostname: The hostname of the SFTP server to connect to, in the following format sftp://{hostname}:{port}/
. The protocol sftp
and the port
must be included.
SFTP server fingerprint: This helps users and client applications authenticate an SSH or SFTP server and determine whether it's really connecting to the server it was intended to connect to. The supported host key algorithms are the following:
rsa-sha2-512
rsa-sha2-256
ssh-ed25519
ecdsa-sha2-nistp256
ecdsa-sha2-nistp384
ecdsa-sha2-nistp521
ssh-rsa
is only supported if the underlying hashing algorithm is not SHA1 (deprecated).
Values such as, da:47:93:b4:3a:90:5b:50:1f:20:a8:f9:b7:a1:d0:e1
are not valid for this field.
Authorization: Choose the authorization type from the drop-down list.
Basic: Enter a username and password to connect to the SFTP server.
SSH key: Enter a username and SSH key—with an optional passphrase—to connect to the SFTP server.
Once you fill in the credentials input fields, Save the configuration to create a new credential.
If needed, Cancel the process of creating a new credential to remove the information from the input fields.
The system displays an error message if the credential configuration fields are invalid.
From the Administration > Connector credentials page:
Click the pencil icon on the right side of the credential item in the Credentials table.
Once clicked, you are redirected to the credentials configuration page with the prefilled values.
The Token or Password fields remain hidden and cannot be copied for security purposes. See the image below.
Save the edits made to the credential configuration.
Cancel any changes and return to the Connector credentials page.
From the Administration > Connector credentials page:
Click the trash bin icon on the right side of the credential item in the Credentials table.
Confirm the deletion from the Delete webhook credential pop-up.
The system removes credentials regardless of having a connector linked to it.
RELATED LINKS