Skip to content

Default secret

  • The default secret is auto generate there on creating a new API Maker user.

Note: Secret changes can not push in Git.

Default secret code

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
import * as T from 'types';

let Secret: T.ISecretType | any = {
    common: <T.ISecretTypeCommon>{
        hashingAlgorithm: 'SHA256',
        nonce: '85491cec-2770-4aaf-b35e-601208eed1d0',

        encryptionAlgorithm: 'AES',
        secret: '1eaaca38-cb69-4194-9bbf-5e0155e16e6b',

        encryptionAlgorithmFETransfer: 'AES',
        secretFETransfer: '78e493ee-058c-43ab-826e-a95b59d90d12',

        connectionString: {
            mongodb: 'mongodb://your_username:your_password@server_ip:server_port(27017)/?authSource=admin&replicaSet=rs0&directConnection=true',
            mysql_8: 'mysql://your_username:your_password@server_ip:server_port?multipleStatements=true',
            mysql_5: 'mysql://your_username:your_password@server_ip:server_port?multipleStatements=true',
            mariadb: 'mariadb://your_username:your_password@server_ip:server_port?multipleStatements=true',
            sql_server: 'Server=server_ip;User Id=user_id;Password=your_password;Trusted_Connection=True;TrustServerCertificate=True;',
            postgresql: 'postgresql://your_username:your_password@server_ip:server_port',
            oracle: 'server_ip:server_port/oracle_process_name',
            oracle_username: "your_username",
            oracle_password: "your_password",
        },

        authTokenInfo: [
            {
                authTokenType: T.EAuthTokenType.AM_DB,
                authTokenAMDB: {
                    instance: "INSTANCE_NAME",
                    database: 'DB_NAME',
                    collection: "COLLECTION_NAME",
                    usernameColumn: "USER_NAME_COLUMN",
                    passwordColumn: "USER_PASSWORD_COLUMN"
                }
            }
        ]
    },
    AWSToken: [
        {
            "authTokenType": "AWS",
            "authTokenAWS": {
                "cognitoUserPoolId": "POOL_ID",
                "region": "YOUR_REGION",
                "tokenExpiration": 200,
                "tokenUse": "access",
                "sourceFieldOfUniqueId": "__TOKEN_OBJECT_FIELD_NAME__",
                "groupsDataSource": {
                    "instance": "INSTANCE_NAME",
                    "database": "DATABASE_NAME",
                    "table": "COLLECTION_NAME",
                    "targetFieldForUniqueId": "UNIQUE_COLUMN_NAME",
                    "groupsColumn": "COMMA_SEPARATED_GROUPS",
                    "select": {
                        "COLUMN_NAME1": 1,
                        "COLUMN_NAME2": 1
                    }
                }
            }
        }
    ],
    AzureToken: [
        {
            "authTokenType": "AZURE",
            "authTokenAzureAD": {
                "appId": "__CLIENT_ID__",
                "tenant": "__TENANT_ID__",
                "audience": "",
                "issuer": "",
                "sourceFieldOfUniqueId": "__TOKEN_OBJECT_FIELD_NAME__",
                "groupsDataSource": {
                    "instance": "INSTANCE_NAME",
                    "database": "DATABASE_NAME",
                    "table": "COLLECTION_NAME",
                    "targetFieldForUniqueId": "UNIQUE_COLUMN_NAME",
                    "groupsColumn": "COMMA_SEPARATED_GROUPS",
                    "select": {
                        "COLUMN_NAME1": 1,
                        "COLUMN_NAME2": 1
                    }
                }
            }
        }
    ],
    GoogleToken: [
        {
            "authTokenType": "GOOGLE",
            "authTokenGoogle": {
                "clientId": "YOUR_CLIENT_ID",
                "sourceFieldOfUniqueId": "__TOKEN_OBJECT_FIELD_NAME__",
                "groupsDataSource": {
                    "instance": "INSTANCE_NAME",
                    "database": "DATABASE_NAME",
                    "table": "COLLECTION_NAME",
                    "targetFieldForUniqueId": "UNIQUE_COLUMN_NAME",
                    "groupsColumn": "COMMA_SEPARATED_GROUPS",
                    "select": {
                        "COLUMN_NAME1": 1,
                        "COLUMN_NAME2": 1
                    }
                }
            }
        }
    ]
};
module.exports = Secret;

Hash Algorithm

  • Default hashing algorithm generating hash using system API.
  • API Maker support only the SHA256 algorithm for the hashing.
  • Use Hash system API in the code.

Nonce

  • The nonce is used for the hashing. If it is not available the 'common. secret' will be used for hashing.

Encryption Algorithm & secret

  • encryptionAlgorithm & secret are used in [encryption, decryption] property conversion.
  • Do not change the value of 'secret' and do not share it with anyone or any application.
  • If you are changing its value, you need to decrypt and encrypted the values of the database with the old secret and encrypt with the new secret value manually and recalculate the hash with the new secret value, if we didn't provide nonce earlier.
  • API Maker supports 'AES' | 'RC4' | 'TRIPLEDES' algorithms for the encryption.

Encryption Algorithm for front-end

  • encryptionAlgorithmFETransfer used in [encryption, decryption] system API calls.
  • Used to decrypt data, sent by frontend or mobile app or any client.
  • API Maker supports 'AES' | 'RC4' | 'TRIPLEDES' algorithms for the encryption.

Secret for front-end

  • secretFETransfer can be shared with the front-end/mobile app, so the back-end can decrypt data sent by them, and they can decrypt data shared by the backend.

Database connection strings

  • Add all your database connection strings here, and you will get that list while adding the instances.

Supported databases

API Maker supports the below database to connect with.

Auth token info

  • If there authTokenInfo is provided then in the common object of the secret, in every API user needs to provide the required token until it's not overridden.
  • You can define the authTokenAM, authTokenAMDB and AWS, Azure, Google authorization details in the 'authTokenInfo'.
  • API Maker users can also define the required token objects as we define in the above code AWS Token, Azure token, Google token which can be use in single-sign-on.
  • Learn more of API user token
  • Learn more of AM database user token
  • Learn more of AWS token
  • Learn more of Azure token
  • Learn more of Google token

Connection strings

  • API Maker users can add multiple database connection strings.

    Note: Please provide param 'multipleStatements=true' in the mysql connection string. If you do not provide that param then some functionality can be affected.