External Integrator with Eclipse Webhooks Security(GLOBAL_INTEGRATOR)
In specific scenarios, external entities require direct access to Eclipse APIs without the necessity of generating a JWT token. These instances encompass third-party APIs responding to Eclipse regarding request statuses, 3DS notifications, and similar cases where creating JWT tokens is impractical. To address this challenge while upholding API security, Eclipse has introduced the following security measures. The integration involves the creation of a random GUID, setting up a global integrator user, updating global property mappings, configuring webhook settings, and managing header authorization.
1. Generate Random GUID:Create a random GUID with 36 characters, e.g., 39EGvKwrpD99g2C9gDXhUhnrdnFyYTgrxuYh.
2. Create Global Integrator User:Set up a global integrator user with the identity i.e [email protected]".
3. Update Global Property Mapping:Add the generated GUID and the integrator user's identity to the global property "apikey.to.user.mappings" i.e apikey.to.user.mappings=39EGvKwrpD99g2C9gDXhUhnrdnFyYTgrxuYh=[email protected]
4. Header Authorization Setup: Provide the generated GUID to the webhook caller and instruct them to include it as a header in their requests. The header with key Authorization. i.e Authorization=39EGvKwrpD99g2C9gDXhUhnrdnFyYTgrxuYh
Note: Please refer to the below tables to include the global integrator email address for sepcefic endpoints for which it has been created
| Gateway | Property | example |
|---|---|---|
| PNP_CASH | pnp.config=identityMatch | [email protected] |
| ThreeDSecureNotificatio(Wimbo) | 3d.secure.notifications.config=identityMatch | [email protected] |
| pnp.config=identityMatch | csn.config=identityMatch | [email protected] |
Updated 8 months ago