Screenshot update feb24 (#767)

* Updates to the Access token article Signed-off-by: pcnorth <120174435+pcnorth@users.noreply.github.com> * Updates to the Dropbox integration article Signed-off-by: pcnorth <120174435+pcnorth@users.noreply.github.com> * Screenshot updates to Asset and Document articles Signed-off-by: pcnorth <120174435+pcnorth@users.noreply.github.com> * Screenshot retaken for the Asset page Signed-off-by: pcnorth <120174435+pcnorth@users.noreply.github.com> --------- Signed-off-by: pcnorth <120174435+pcnorth@users.noreply.github.com>
datatrails · Feb 6, 2024 · 3498401 · 3498401
1 parent 8e47d89
commit 3498401
Show file tree

Hide file tree

Showing 8 changed files with 25 additions and 12 deletions.
diff --git a/...opers/developer-patterns/getting-access-tokens-using-app-registrations/index.md b/...opers/developer-patterns/getting-access-tokens-using-app-registrations/index.md
@@ -25,6 +25,12 @@ Non-interactive access to the DataTrails platform is managed by creating `Integr
 
 DataTrails authentication uses the industry-standard OIDC Client Credentials Flow.
 
+The high level steps are:
+1. Create an Integration in the UI
+1. Define access permissions for the Integration in the UI
+1. Request an Access Token using the API
+1. Use the Access Token to make a REST API call to your tenancy.
+
 ## Creating a Custom Integration
 
 If you have already saved a `CLIENT_ID` and a `SECRET`, with the correct [permissions applied](#grant-permissions-to-custom-integration), skip to [Getting a Token With the Custom Integration](#getting-a-token-with-the-custom-integration)
@@ -54,14 +60,16 @@ If `Settings` or `Integrations` does not appear in the navigation, see your Data
 1. You will then be presented with the `CLIENT_ID` and `SECRET` required by the archivist token endpoint
 {{< img src="RecordClientIDandSecret.png" alt="Rectangle" caption="<em>Record your Client ID and Secret</em>" class="border-0" >}}
 {{< caution >}}
-**Caution:** Save the `CLIENT_ID` and `SECRET` to a password manager or secret management service as the `SECRET` can **not** be viewed again. A new `SECRET` can be regenerated by editing the Integration, invalidating the previous `SECRET`.
+**Caution:** Save the `CLIENT_ID` and `SECRET` to a password manager or secret management service as the `SECRET` can **not** be viewed again. A new `SECRET` can be regenerated in the Integration configuration screen but this replaces and invalidates the previous `SECRET`.
 {{< /caution >}}  
 
-### Grant Permissions to Custom Integration
+### Grant Access Permissions to your Custom Integration
+
+In this section we will give your Custom Integration permission to access the Assets, their attributes, and Events that have been recorded in your tenancy. 
 
 Integrations are secured by default, with no read or write permissions within your DataTrails Tenancy. This is is important because the alternative would be to allow read/write access to all Assets and Events by default which opens the risk that an application could be maliciously altered to make changes that would not be permitted by the Tenancy Administrator.
 
-Create and assign an Access Policy to control the ability to create and read DataTrails information.
+The steps below show how to create and assign an Access Policy to control the ability to create and read DataTrails information.<br>For convenience we will grant full access rights to the customer integration in this example. Please see [this article](/platform/administration/sharing-access-inside-your-tenant/) for information on setting up more finely controlled access.
 
 1. Navigate to `Access Policies` on the sidebar
   {{< img src="PolicyManage.png" alt="Rectangle" caption="<em>Access Policies</em>" class="border-0" >}}
@@ -71,7 +79,7 @@ Create and assign an Access Policy to control the ability to create and read Dat
   {{< /note >}}
   {{< img src="PolicyForm.png" alt="Rectangle" caption="<em>Create Access Policy Form</em>" class="border-0" >}}
 1. Click `Permissions` to set a scope for the policy
-1. Set Actors to the `USER_ID` of the Custom Integration
+1. Set Actors to the `CLIENT_ID` of the Custom Integration
    - `User`
    - `Subject Identifier`
    - Paste the `CLIENT_ID` from the previous step
@@ -81,16 +89,21 @@ Create and assign an Access Policy to control the ability to create and read Dat
   **Note:** Each policy can be configured with multiple access rights
   {{< /note >}}
   {{< img src="PolicyPermissionAccess.png" alt="Rectangle" caption="<em>Set Attribute Access and Event Visibility</em>" class="border-0" >}}
-1. Click the `ADD PERMISSION GROUP` for this policy
+1. Click the `ADD PERMISSION GROUP` to save the configuration of this policy
 1. Click the `CREATE POLICY` to complete the creation of this policy
 
 ## Getting a Token With the Custom Integration
 
-Having completed the steps at [Creating a Custom Integration](./#creating-a-custom-integration), and having taken note of the `CLIENT_ID` and the `SECRET`, a token can be obtained with the following command.
+
+Having completed the steps to create a [custom integration](./#creating-a-custom-integration) and [grant access permissions](./#grant-access-permissions-to-your-custom-integration), and having taken note of the `CLIENT_ID` and the `SECRET`, a token can be obtained with the following command.
+
+{{< note >}}
+**Note:** To make things easy we will use local variables and files to store the credentials and token but you can use any method that you wish.
+{{< /note >}}
 
 1. Save the `CLIENT_ID` and `SECRET` saved from above, to local variables
   {{< note >}}
-  **Note:** You can regenerate the secret, which will invalidate the previous credentials
+  **Note:** Remember that you can regenerate the secret but this will invalidate the previous credentials which may be being used by other applications
   {{< /note >}}
 
    ```bash
@@ -130,7 +143,7 @@ You can test access to the DataTrails API using any of the standard API calls. G
 
 If successful, you will see a list of the assets the Integration has access to in the tenancy.
 {{< note >}}
-**Note:** This may be an empty response if no assets are being shared with the user; this is an expected *secure by default* behavior.
+**Note:** This may be an empty response if no assets are being shared with the Integration because an Access Policy has not been created for it; this is an expected *secure by default* behavior.
 {{< /note >}}
 
 Otherwise, check the [Assets OpenAPI Reference](../../api-reference/assets-api/#assets-openapi-reference) for more detailed information on the response codes you may expect if authentication fails and what they mean.

diff --git a/content/platform/administration/dropbox-integration/index.md b/content/platform/administration/dropbox-integration/index.md
@@ -37,9 +37,9 @@ If you create a subfolder in Dropbox after the integration has been set up it wi
  If a folder is unlinked for any reason, such by as direct configuration or by being moved, the Audit Trail will stop. Relinking the folder will restart the Audit Trail but we cannot recover any Events that happened while the folder was unlinked.  
 {{< /note >}}
 {{< note >}}
-**Note:** DataTrails uses <em>xxx...</em> to mask the file name and file path in the public view on Instaproof. This is intentional so that private information cannot be accidentally released via the Instaproof search results and because DataTrails is not intended to replace the excellent file management functionality that is provided by Dropbox.<br>
-Knowledge of the filename is not needed to prove provenance because Instaproof will attest and verify the content of a file even if the filename has been changed.
-
+**Note:** DataTrails masks the file path and replaces the filename with the Asset ID in the public Asset view that is returned by Instaproof. This is intentional so that private information cannot be accidentally released via the Instaproof search results.<br>
+Knowledge of the filename is not needed to prove provenance because Instaproof will attest and verify the content of a file even if the filename has been changed.<br>
+The permissioned view that is seen by an administrator who is logged into a tenancy will show the file name and the file path.
 {{< /note >}}
 
 ### Connecting DataTrails to Dropbox

diff --git a/content/platform/overview/creating-an-asset/Asset.png b/content/platform/overview/creating-an-asset/Asset.png
diff --git a/content/platform/overview/creating-an-asset/AssetRegister.png b/content/platform/overview/creating-an-asset/AssetRegister.png
diff --git a/content/platform/overview/creating-an-asset/BlankForm.png b/content/platform/overview/creating-an-asset/BlankForm.png
diff --git a/content/platform/overview/creating-an-asset/index.md b/content/platform/overview/creating-an-asset/index.md
@@ -32,7 +32,7 @@ The creation of an Asset is the first Event in its lifecycle. The following step
 1. Create your Asset
 {{< tabs name="add_asset" >}}
 {{< tab name="UI" >}}
-Using the sidebar, select `Assets & Documents` and then `Add Custom Asset`
+Using the sidebar, select `Assets & Documents` and then `Register Asset`
 {{< img src="AssetRegister.png" alt="Rectangle" caption="<em>Adding an Asset</em>" class="border-0" >}}
 {{< /tab >}}
 {{< tab name="YAML" >}}

diff --git a/content/platform/overview/registering-a-document-profile-asset/RegDocMenu.png b/content/platform/overview/registering-a-document-profile-asset/RegDocMenu.png
diff --git a/content/platform/overview/registering-a-document-profile-asset/RegDocMenu2.png b/content/platform/overview/registering-a-document-profile-asset/RegDocMenu2.png