While working on the platform interface it is possible that users can accidentally change or delete important or sensitive information.
For such cases we introduce re-authentication for sensitive actions. After 22.20 for the following actions you will be asked to enter your password to authenticate:
Please Note: You will be asked to re-authenticate once every 6 hours.
To prevent erroneous and bot registrations we introduce email verification step to our trial registration process. When you register first time with our platform, an email will be sent to your given email address. Click on the link in your received email to finish your registration. There are certain rules and restrictions to this process as well:
Please Note: If you are invited to the platform directly, no email verification will be required.
We constantly improve different aspects of HELM3 deployments in collaboration with our partners. This section lists updates and improvements included in this release.
When your integration flow needs to transfer big objects or attachments, one of the platform microservices called Maester temporarily stores them in MongoDB while passing only the object IDs through the integration flow steps.
Starting from 22.20, you can use a dedicated database for storing Maester
objects and the run-time attachments. To configure, add
environment variable to HELM3 secrets charts and set it to target this new database.
Note: You will need to migrate the grids to new MongoDB as well to ensure the Maester object availability after implementation.
Organisations who do not need a separate MongoDB instance to store their Maester
objects should set the
MAESTER_MONGO_URI variable to the same value as the
MONGO_URI variable. This will save objects in your main database.
To configure the re-authentication for sensitive actions:
SENSITIVE_ACTION_AUTH_LIFETIMEenvironment variable to HELM3 secrets chart and set it to specify how long user authentications are valid. The system expect the value of this parameter in milliseconds. The default is set to 21600000 (6 hours).
tenant.featureFlags.sensitiveActionsReauthfeature flag (set it to
Information in this section is intended for our customers who use OEM version of the elastic.io platform.
Developing integrations requires a certain level of access to business systems. In cases where the integrators are not responsible for these systems it is critical that only secure access is allowed and that system admins can control credentials used To solve the dilemma we introduce White-labeled credential management feature.
As an integrator you provide a unique URL to the credential holder to enter their access credentials without registering or logging-in to the system. The access holder is presented an interface to enter their credentials, verify them and save.
In addition they can modify the existing credentials as well.
For both cases they are presented with a simple screen to work with only the specified credentials.
There are certain preconditions before you can enable this feature:
Once the above conditions are met you can take the following steps to generate the URL to request credentials from their owner:
The initial URL has a form
/embedded-credentials/repoId where the
would be the ID of component for which you need to set the credential. Then you
would need to add the following query parameters to this URL:
workspaceId(required) - this is the ID of the workspace where integration is set.
ssoProviderType(optional) - values can be
ssoProviderId(optional) - this is the ID of your SSO provider.
Let us construct the URL:
If you do not specify
ssoProviderId then they will be
automatically taken from the
tenant.loginRedirectSsoProvider property but only if this is defined.
signin_v_2type - add the
attributes.signin_v_2attribute containing the URL of the provider logo using the
email_verificationfeature flag (NEW) - set
Cannot add property token, object is not extensibleappears in the platform user interface when trying to evaluate JSONata expressions with
Receive Instant Payment Notificationtrigger
Receive Payment Data Transfertrigger
Make a Paymentaction
component-commons-libraryto read and upload attachments through the
HMACsignature for the
Emit Batchbehavior for the
Read CSV attachmentaction
As a part of our on-going improvements of integration components, we
Here is the list of components for 22.20 release.
1.1.6a.k.a Lookup Table Component