Integrations
Credentials
Manage credentials used to authenticate outgoing webhook and Action Flow send-request step requests.
There are three credential types which are currently supported, AWS signed request, OAuth client credentials and basic auth.
Add authentication credentials
- Go to: Configuration > Integrations > credentials. Alternatively, open the command palette and type credentials.
- Select New credential.
- Add details for the new credential.
- Select Save.
OAuth client credentials
Oauth credentials are cached within the platform for 45 seconds after initially being retrieved. This is to avoid overloading the Oauth endpoint with requests. Any token expiration settings should be longer than 45 seconds.
The OAuth client credentials flow supports two request schemes:
Request body
Example of an equivalent request using curl. Credentials are URL encoded and sent in the request body.
curl --location --request POST https://login.microsoftonline.com/common/oauth2/v2.0/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_secret=MY_CLIENT-SECRET' \
--data-urlencode 'client_id=MY_CLIENT_ID' \
--data-urlencode 'scope=MY_SCOPE'
URL
Example of an equivalent request using curl. Credentials are encoded using query parameters.
curl -request GET 'http://my.auth.com/oauth2/v2.0/token?grant_type=client_credentials&client_secret=MY_CLIENT-SECRET&client_id=MY_CLIENT_ID&scope=MY_SCOPE'
AWS Signed Request
Authenticate a request with AWS IAM, this allows webhooks to interact with AWS services. We recommend creating a bot user in AWS with IAM policy access granted only as-required for use with this credential-type.
- Access key ID: the ID of the access key associated with the AWS IAM user.
- Secret access key: the secret access key associated with the AWS IAM user.
- Sign query: optionally sign the request query instead of adding an Authorization header.
- Session token: optionally provide the session token to use IAM STS temporary credentials.
- Service: the AWS service which you are interacting with, this is added to the signed credentials header exactly as it is entered.
- i.e.
AWS4-HMAC-SHA256 Credential=ACCESS_KEY_ID/20241022/us-east-1/**THE_SERVICE**/aws4_request...
- i.e.
- Region: the AWS region which you are interacting with, this is added to the signed credentials header exactly as it is entered.
- i.e.
AWS4-HMAC-SHA256 Credential=ACCESS_KEY_ID/20241022/**THE_REGION**/THE_SERVICE/aws4_request...
- i.e.
Basic auth
Adds an Authorization header containing the provided username and password encoded as per the standard pattern.
This option is less secure, consider using the alternative options where possible.
AWS
S3 analytics buckets
Writing analytics files to S3 is a premium feature.
Contact us to enable this feature for your Org if it is not already active.
See the integration guide for more information.
S3 Action Flows buckets
File uploads is a premium feature.
Contact us to enable this feature for your Org if it is not already active.
See the guide for more information.
Salesforce
Integration with Salesforce is a premium feature.
Contact us to enable this feature for your Org if it is not already active.
Configure integrations with Salesforce Marketing Cloud here.
Marketo
Integration with Marketo is a premium feature.
Contact us to enable this feature for your Org if it is not already active.
Configure integrations with Marketo here.