Web Central Credentials FAQs
Who will be shown as the content creator for content created through integrations built-in Integration Hub?
When content is created in Web Central (CivicEngage Central) through an integration in the Integration Hub, this content will appear to be created by the user whose credentials were used on the integration.
Here is an example:
- Jeff is an organization owner and Web Central System Admin
- Jeff creates a Web Central credential using his user information
- Users with access to use, view, or modify credentials will not be able to view or access Jeff’s password, Application Programming Interface (API) key, or client secret because:
- All secure information such as user passwords, API keys, and client secrets are encrypted
- None of this secure information is shown in the user interface
- Users with access to use, view, or modify credentials will not be able to view or access Jeff’s password, Application Programming Interface (API) key, or client secret because:
- Jeff creates an integration using his Web Central credential
- Aaron does not have access to Integration Hub, but he does have the ability to create content on the Web Central website
- Aaron creates an item that triggers an integration in Integration Hub
- This initial content item correctly shows Joe as the creator of that item
- Content is created in another module on the Web Central website due to this integration
- Since this content was created due to an integration that was built with Jeff’s credentials, Jeff will be the user who created the secondary content item
To prevent this from occurring, as a best practice, you can:
- Create an email account for an Integration Hub user (for example, First Name “Integration” Last Name “Hub”)
- Add this user to your Web Central site with System Admin access (make sure to confirm the account as you would a normal user)
- Create a Web Central Credential using this Integration Hub user
- Use this Credential for your Web Central integrations
This would then show “Integration Hub” as the user that created any content through Integration Hub integrations.
General FAQs
What do I do if my password or client secret has been changed?
Integration Hub Credentials will need to be updated if information such as a password or client secret is changed.
- If a password or client secret is changed and the credential is not updated, any integrations using that credential will be broken and will not run as expected.
- Users will also be unable to create new integrations with the outdated credential
What happens if someone has left our organization and user credentials have been revoked?
If someone has left your organization and their user credentials were used for a credential in Integration Hub, any integration using the credential will no longer run as expected. Users will also be unable to create new integrations with outdated credentials. If this user added or modified integrations, any integration they created or last modified would continue to run unless the integration used a credential that utilized their revoked user name and password.
How to fix this:
- You’ll want to update the credential to use an active user’s username and password.
- You could also delete the credential and create a new one but this will break any integrations using the deleted credential and each of these integrations will also need to be updated to use a valid credential. We recommend just updating the credential, instead.
- Using the best practices for Web Central (above) would also prevent this issue.
How can I be sure my Integration Hub and other CivicPlus products are secure and my sensitive information is safe?
- Only Organization Owners have access to the Applications credentials screen and they are the only users who can add, view, modify, or delete credentials.
- There should only be a select number of highly trusted individuals who are added as organization owners for your organization
- Users with access to use, view, or modify credentials will not be able to view or access secure information for credentials such as passwords, API keys, or client secrets because:
- All secure information such as user passwords, API keys, and client secrets are encrypted
- None of this secure information is shown in the user interface
- A regular user (not an organization owner) needs to be granted access to a group that has been assigned permissions in Integration Hub before they can build integrations in Integration Hub.
How can I tell who created the initial content item?
This will vary based on the trigger of the integration, but in many situations, the user ID for the user who created or last modified the content item will be included as metadata for that item and can be viewed in the run log for an integration.
Comments
Let us know what was helpful or not helpful about the article.0 comments
Please sign in to leave a comment.