Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

When registering your application on Maestranomaestrano.com, as an application provider, you will be given an access to Maestrano App Provider Dashboard. The technical aspects of the API portal on Maestrano where the credentials of your application can be found. Simply navigate to the Maestrano dashboard page and click on the API tab.

Image Removed

You integration can be found in your API portal (API tab in the menu). You will find here different tabs: Production, Sandbox1, Sandbox2, etc. The "Sandbox" tabs should be used during the integration phase, and to connect our production environment to all you different non-production environments. The "Production" tab should be used for the release of your application on maestrano.com, and should be connected to your production environment.


...

Table of Contents
absoluteUrltrue
stylenone

...


1 - Where can I find the credentials I will have to use?

In your API portal, you will find the Production application credentials (to be used once the application goes live. The Sandbox applications should ) and the Sandbox credentials (to be used during the integration phase and can be configured with different endpoints, and for all non-production environment). Several Sandbox environments can be set up (with different credentials for every sandbox) if you need to manage several test environments.

Fetch application metadata

Your application configuration must be exposed via the metadata endpoint. This defines the endpoints to use during the SSO process as well as the endpoint for the webhooks for the data-sharing.

Sandbox Application

The sandbox ; just ask our team if your need more sandboxes.

 

Image Added

2 - How does the metadata endpoint work?

In order to understand your application and configure webhooks properly, Maestrano expects you to create a special "metadata" endpoint exposing the configuration of your application preferences in terms of Single Sign-On, data sharing subscriptions, webhooks etc.

Info
titleWhy a metadata endpoint?
We believe that this kind of configuration manifest should belong to your application which is why we ask for a special endpoint on your side.  The other approach would be to make you fill a long and boring form inside your App Provider dashboard on maestrano.com... but that wouldn't help you keeping your code/configuration easy to read and maintain.

 

Once setup, enter the URL of your metadata endpoint into your Maestrano App Provider dashboard then click on 'Update/Fetch'.

Image Added

3 - What to include in my metadata endpoint?

The metadata endpoint should return a JSON document describing your configuration. Note that the call initiated by Maestrano to retrieve your metadata is authenticated via HTTP Basic authentication using your own API credentials (shared secret).

Warning

The fields listed below are listed in Snake case. As our SDKs respect languages conventions, fields' names may vary from an SDK to another (e.g.: Java SDK). Please, refer to your SDK documentation for the exact names to use.

 

 

FieldTypeRequired for
OpenID SSO
Required for
SAML SSO
Change with the tenant
and the environment
Defaults fieldsDescription
environmentstring - -Yes (with the env. only)-
The environment of the platform your are integrated to; accepted values:
- "test" (for the sandbox)
- "uat"
- "production"
app.hoststringYesYes

Yes (with the env. only)

-
Your application host
For UAT and Production environments, it must be a publicly resolvable URL
(you cannot use "http://localhost:3000" for instance)
api.idstringYesYesYes-
The id of your app
It corresponds to the App ID on your Maestrano App Provider API Dashboard
We will provide you the correct value for other tenants than Maestrano
api.hoststringYesYesYesif "environment" is set:
value for Maestrano tenant
The platform host
We will provide you the correct value for other tenants than Maestrano
sso.idmstring - --same as config.app.host
Your Identity Domain Manager
sso.init_pathstring YesYes

This value can be changed
on a per-tenant basis

-
Your application path that allows users to initiate the Single Sign-On handshake.
Upon reaching this endpoint your application will automatically 
create a SSO request and redirect the user to Maestrano.
Maestrano will then authenticate and authorize the user and send him back to your application.  
sso.consume_pathstringYesThis value can be changed
on a per-tenant basis
-
Your application path to the SAML endpoint that allows users to finalize SSO authentication
During the 'consume' action your application sets users and group up and/or log them in.
sso.idpstringYesYesYes

if "environment" is set:
value for Maestrano tenant 

The platform host
We will provide you the correct value for other tenants than Maestrano
 
sso.x509_fingerprintstring -YesYes

if "environment" is set:
value for Maestrano tenant

We will provide you the correct value for other tenants than Maestrano
sso.x509_certificatestring -YesYes

if "environment" is set:
value for Maestrano tenant

We will provide you the correct value for other tenants than Maestrano
connec.hoststringYesYesYes

if "environment" is set:
value for Maestrano tenant

The Connec! endpoint used to fetch data from
We will provide you the correct value for other tenants than Maestrano
 
webhook.account.groups_pathstringYesYesThis value can be changed
on a per-tenant basis
-
Your application path where a notification will be posted 
when an instance of your application is deleted
webhook.account.group_users_pathstringYesYesThis value can be changed
on a per-tenant basis
-
Your application path where a notification will be posted 
when a user is removed from an instance of your application
webhook.connec.notifications_pathstringYesYesThis value can be changed
on a per-tenant basis
-
Your application path where notifications 
(created/updated entities) will be POSTed to
webhook.connec.subscriptions

hash
keys: predefined entities
values: boolean

YesYesNofalse for all entities
The list of entities (organizations, people, invoices etc.) 
for which you want to be notified upon creation/update in Connec!™

 

4 - How can I test my integration?

One of the sandboxes application should be used during the integration phase, or for any non-production environment. You can add the application to your dashboard easily by clicking on the Start Sandbox App button and then choosing the appropriate company.
Once added to your dashboard, you can initiate the SSO process by starting the application, clicking on the application tiletitle.

To test the data sharing end-to-end between your application and another application from the Maestrano platform, you will have to launch an other application on your dashboard. When records are created/updated in a system, notifications will be sent to the other applications from your Maestrano eco-system.