From a6d898aea5089cbc57ab1458c14e88ae7e809b33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Fri, 11 Jul 2025 11:09:03 +0200 Subject: [PATCH 01/10] feat: update api key config examples --- _docs_integrate/examples/example.config.json | 10 +++++++++- _docs_operate/setup-with-docker-compose.md | 10 +++++++++- _docs_operate/setup-with-helm-charts.md | 4 ++-- 3 files changed, 20 insertions(+), 4 deletions(-) diff --git a/_docs_integrate/examples/example.config.json b/_docs_integrate/examples/example.config.json index 05024f821..0a59c47c3 100644 --- a/_docs_integrate/examples/example.config.json +++ b/_docs_integrate/examples/example.config.json @@ -10,7 +10,15 @@ }, "infrastructure": { "httpServer": { - "apiKey": " https://enmeshed.eu/integrate/connector-configuration#httpserver>" + "authentication": { + "apiKey": { + "keys": { + "default": { + "key": " https://enmeshed.eu/integrate/connector-configuration#httpserver>" + } + } + } + } } }, "modules": { diff --git a/_docs_operate/setup-with-docker-compose.md b/_docs_operate/setup-with-docker-compose.md index 9afa219f8..eb2d38839 100644 --- a/_docs_operate/setup-with-docker-compose.md +++ b/_docs_operate/setup-with-docker-compose.md @@ -137,7 +137,15 @@ To use the api platform hosted on the Connector you need to make the following c "infrastructure": { "httpServer": { "enabled": true, - "apiKey": "an-api-key" + "authentication": { + "apiKey": { + "keys": { + "default": { + "key": "" + } + } + } + } } } } diff --git a/_docs_operate/setup-with-helm-charts.md b/_docs_operate/setup-with-helm-charts.md index bf3ad0d4c..89db209a2 100644 --- a/_docs_operate/setup-with-helm-charts.md +++ b/_docs_operate/setup-with-helm-charts.md @@ -93,7 +93,7 @@ pod: name: platform-client-secret key: VALUE - - name: infrastructure__httpServer__apiKey + - name: infrastructure__httpServer__authentication__apiKey__keys__default__key valueFrom: secretKeyRef: name: api-key @@ -148,7 +148,7 @@ pod: name: platform-client-secret key: VALUE - - name: infrastructure__httpServer__apiKey + - name: infrastructure__httpServer__authentication__apiKey__keys__default__key valueFrom: secretKeyRef: name: api-key From 62c24e5992e51d324f34d17a311caf114fd0c2f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Fri, 11 Jul 2025 11:44:05 +0200 Subject: [PATCH 02/10] chore: update the migration guide --- _docs_integrate/migration-from-v6-to-v7.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/_docs_integrate/migration-from-v6-to-v7.md b/_docs_integrate/migration-from-v6-to-v7.md index 58e770844..1cf7bbfaf 100644 --- a/_docs_integrate/migration-from-v6-to-v7.md +++ b/_docs_integrate/migration-from-v6-to-v7.md @@ -38,6 +38,13 @@ The step-by-step instructions can be consulted to start the migration to version Alternatively, the database can be deleted as a whole and [set up again]({% link _docs_operate/setup-with-docker-compose.md %}). - The [image](https://github.com/nmshd/connector?tab=readme-ov-file#connector) used to run the Connector must be updated to version 7. - The [configuration]({% link _docs_operate/configuration.md %}) value `database.dbNamePrefix` of the Connector was removed. Before, it defaulted to `acc-`. If you want to access a database called `acc-connector`, you have to set the `database.dbName` configuration value to `acc-connector` instead of `connector` only. +- Configuring apiKeys for the Connector has changed. + + The `apiKey` property in the configuration file has been replaced by a more structured configuration under `authentication.apiKey.keys..key`. + + Additionally, the support for the `API_KEY` environment variable has been removed, that could be used to define an API key using a short environment variable. As an alternative, the `authentication.apiKey.keys..key` configuration property can be set using [an environment variable]({% link _docs_operate/configuration.md %}#environment-variables). + + You can read more about the authentication configuration in the [configuration documentation]({% link _docs_operate/configuration.md %}#authentication). ### Removed and Changed Data Structures From e012d800bc2e98f84755d50d7e823826028c6329 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Fri, 11 Jul 2025 12:18:10 +0200 Subject: [PATCH 03/10] feat: update httpserver config --- _docs_operate/configuration.md | 182 ++++++++++++++++++++++++++++++--- 1 file changed, 170 insertions(+), 12 deletions(-) diff --git a/_docs_operate/configuration.md b/_docs_operate/configuration.md index 1748cd0ae..532571231 100644 --- a/_docs_operate/configuration.md +++ b/_docs_operate/configuration.md @@ -33,7 +33,7 @@ required_by: "infrastructure": { "httpServer": { "enabled": true, - "apiKey": "an-api-key" + "authentication": {} } } } @@ -70,7 +70,15 @@ You want to configure the following values: "httpServer": { "enabled": true, "port": 8080, - "apiKey": "an-api-key" + "authentication": { + "apiKey": { + "keys": { + "default": { + "key": "an-api-key" + } + } + } + } } } } @@ -78,7 +86,7 @@ You want to configure the following values: - The first value can be configured using the variable `infrastructure:httpServer:enabled="true"`. Note that the value is represented as a string in the environment variable and the Connector will rewrite it to its boolean representation. - The second value can be configured using the variable `infrastructure:httpServer:port="8080"`. Note that the value is represented as a string in the environment variable and the Connector will rewrite it to its number representation. -- The third value can be configured using the variable `infrastructure:httpServer:apiKey="an-api-key"`. +- The third value can be configured using the variable `infrastructure:httpServer:authentication:apiKey:keys:default:key="an-api-key"`. ## Configuration options @@ -223,7 +231,15 @@ The HTTP server is the base for the `coreHttpApi` Module. It opens an express HT "cors": { "origin": false }, - "apiKey": "an-api-key" + "authentication": { + "apiKey": { + "keys": { + "default": { + "key": "an-api-key" + } + } + } + } } } } @@ -237,15 +253,9 @@ The HTTP server is the base for the `coreHttpApi` Module. It opens an express HT configure the CORS middleware. Valid options can be found [here](https://github.com/expressjs/cors#configuration-options). -- **apiKey** `required` +- **authentication** `required if running in production mode` - Define the API-Key the Connector should use to authenticate requests. - - The API-Key can be chosen arbitrarily and has to be sent with every request in the `X-API-KEY` HTTP-Header. - - There are no limitations regarding the allowed characters. We recommend using an API-Key that is at least 20 characters long. - - The API-Key protects your Connector from unauthorized access and should therefore be kept secret. + Configure the authentication methods for the HTTP server. At least one authentication method must be configured if the Connector is running in [production mode](#debug). See the [authentication section](#authentication) for more information. - **helmetOptions** `default: depending on the Connector mode` @@ -268,6 +278,147 @@ The HTTP server is the base for the `coreHttpApi` Module. It opens an express HT } ``` +##### authentication {#authentication} + +**Default Configuration:** + +```jsonc +{ + // ... + + "authentication": { + "apiKey": { + "headerName": "X-API-KEY", + "keys": {} + }, + "jwtBearer": {}, + "oidc": {} + } +} +``` + +There are currently three authentication methods available for the HTTP server: `apiKey`, `jwtBearer` and `oidc`. At least one authentication method must be configured if the connector is running in [production mode](#debug). + +If multiple authentication methods are configured, the authentication methods will be executed in the following order: `apiKey` > `jwtBearer` > `oidc`.

For example this means if you enabled `apiKey` and `jwtBearer` and send a wrong API key in combination with a valid JWT bearer token, the request will be rejected. Only sending a valid JWT bearer token will succeed. +{: .notice--info} + +###### apiKey + +**Example Configuration:** + +```jsonc +{ + // ... + "apiKey": { + "keys": { + "default": { + "key": "an-api-key" + } + } + } +} +``` + +The apiKey authentication method is used to authenticate requests using an API key in a header. + +- **enabled** `default: true (if api keys are configured)` + + Whether the API key authentication is enabled or not. If set to `false`, no API keys will be accepted by the Connector. This can be used to temporarily disable the API key authentication without removing it from the configuration. + +- **headerName** `default: "X-API-KEY"` + + The name of the header in which the API key is sent. Defaults to `X-API-KEY`. + +- **keys** `required` + + - **enabled** `default: true` + + Whether the API key is enabled or not. If set to `false`, the API key will not be accepted by the Connector. This can be used to temporarily disable the API key without removing it from the configuration. + + A map of API keys that are allowed to access the Connector. The key is the id of the API key and the value is an object containing the actual API key and some additional configuration options. + + - **key** `required` + + The actual API key that is used to authenticate the request. This key must be kept secret and should not be shared with anyone. + + - **description** `optional` + + A description of the API key. This is optional and can be used to provide additional information about the API key. This is not used by the Connector itself, but can be useful for documentation purposes. + + - **expiresAt** `optional` + + The date and time when the API key expires. This is optional and can be used to automatically disable the API key after a certain period of time. The date must be in ISO 8601 format (e.g. `2063-10-01T00:00:00Z`). + +###### jwtBearer + +**Example Configuration:** + +```jsonc +{ + // ... + "jwtBearer": { + "issuerBaseURL": "https://auth.example.com", + "audience": "an-audience" + } +} +``` + +The jwtBearer authentication method is used to authenticate requests using JSON Web Tokens (JWT). To configure this authentication method, you need to provide at least the following parameters: + +- **enabled** `default: true (if other options are configured)` + + Whether the JWT bearer authentication is enabled or not. If set to `false`, no JWT bearer tokens will be accepted by the Connector. This can be used to temporarily disable the JWT bearer authentication without removing it from the configuration. + +- **issuerBaseURL** `required` + + The base URL of the JWT issuer. This is the URL where the JWT issuer is hosted. This URL must be reachable from the Connector and must not contain a trailing slash `/`. + +- **audience** `required` + + The audience of the JWT. This is the identifier of the Connector in your identity server. + +For more sophisticated use cases, please refer to the [JWT documentation page](https://auth0.github.io/node-oauth2-jwt-bearer/interfaces/AuthOptions.html) where all possibilities are explained in detail. + +###### oidc + +**Example Configuration:** + +```jsonc +{ + // ... + "oidc": { + "issuerBaseURL": "https://auth.example.com", + "baseUrl": "https://connector.example.com", + "clientID": "a-client-id", + "secret": "an-encryption-secret" + } +} +``` + +The oidc authentication method is used to authenticate requests using the OpenID Connect protocol. To configure this authentication method, you need to provide at least the following parameters: + +- **enabled** `default: true (if other options are configured)` + + Whether the OpenID Connect authentication is enabled or not. If set to `false`, no OpenID Connect tokens will be accepted by the Connector. This can be used to temporarily disable the OpenID Connect authentication without removing it from the configuration. + +- **issuerBaseURL** `required` + + The base URL of the OpenID Connect provider. This is the URL where the OpenID Connect provider is hosted. This URL must be reachable from the Connector and must not contain a trailing slash `/`. + +- **baseURL** `required` + + The base URL of the Connector. This is the URL where the Connector is hosted. + +- **clientID** `required` + + The client ID of the Connector. This is the ID that the OpenID Connect provider uses to identify the Connector. + +- **secret** `required` + + The secret(s) of the Connector used to derive an encryption key for the user identity in a stateless session cookie. + +For more sophisticated use cases, please refer to the [OIDC documentation page](https://auth0.github.io/express-openid-connect/interfaces/ConfigParams.html) where all possibilities are explained in detail. + ### modules Every Module can be enabled or disabled by passing true / false to `enabled`. Read more about the Module by clicking on the icon in each title. @@ -361,6 +512,7 @@ It is not recommended to use this Module for production scenarios. Here you can define multiple brokers to which the Connector should publish messages. Each broker consists of a `type` (string) and a `configuration` object. The `type` specifies the type of the broker (e.g. `AMQP` or `PubSub`) and the `configuration` object contains the configuration for the broker. + - type `AMQP` **example** @@ -376,6 +528,7 @@ It is not recommended to use this Module for production scenarios. ``` **configuration** + - url `string, required` - the URL of the AMQP broker @@ -404,6 +557,7 @@ It is not recommended to use this Module for production scenarios. ``` **configuration** + - url `string, required` the URL of the MQTT broker @@ -426,6 +580,7 @@ It is not recommended to use this Module for production scenarios. ``` **configuration** + - projectId `string, required` the project id of the Google Cloud project @@ -452,6 +607,7 @@ It is not recommended to use this Module for production scenarios. ``` **configuration** + - url `string, required` the URL of the broker @@ -518,6 +674,7 @@ It is not recommended to use this Module for production scenarios. **OAuth2** The OAuth2 authentication type is used to authenticate the request to the webhook using the client credentials flow of OAuth2. The Connector will send a bearer token as part of the request in its Authentication header. The OAuth2 authentication is configured using the following parameters: + - **type** `"OAuth2", required` The type of the authentication. @@ -541,6 +698,7 @@ It is not recommended to use this Module for production scenarios. **ApiKey** The ApiKey authentication type is used to authenticate the request to the webhook using an API key. The Connector will send the API key as part of the request using a header. The ApiKey authentication is configured using the following parameters: + - **type** `"ApiKey", required` The type of the authentication. From d48b3cdbd0ec0a1fcaaef9b278e72a725d9ee930 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Fri, 11 Jul 2025 12:19:52 +0200 Subject: [PATCH 04/10] chore: prettier --- _docs_operate/configuration.md | 9 --------- 1 file changed, 9 deletions(-) diff --git a/_docs_operate/configuration.md b/_docs_operate/configuration.md index 532571231..c77e06858 100644 --- a/_docs_operate/configuration.md +++ b/_docs_operate/configuration.md @@ -330,13 +330,11 @@ The apiKey authentication method is used to authenticate requests using an API k The name of the header in which the API key is sent. Defaults to `X-API-KEY`. - **keys** `required` - - **enabled** `default: true` Whether the API key is enabled or not. If set to `false`, the API key will not be accepted by the Connector. This can be used to temporarily disable the API key without removing it from the configuration. A map of API keys that are allowed to access the Connector. The key is the id of the API key and the value is an object containing the actual API key and some additional configuration options. - - **key** `required` The actual API key that is used to authenticate the request. This key must be kept secret and should not be shared with anyone. @@ -512,7 +510,6 @@ It is not recommended to use this Module for production scenarios. Here you can define multiple brokers to which the Connector should publish messages. Each broker consists of a `type` (string) and a `configuration` object. The `type` specifies the type of the broker (e.g. `AMQP` or `PubSub`) and the `configuration` object contains the configuration for the broker. - - type `AMQP` **example** @@ -528,7 +525,6 @@ It is not recommended to use this Module for production scenarios. ``` **configuration** - - url `string, required` - the URL of the AMQP broker @@ -557,7 +553,6 @@ It is not recommended to use this Module for production scenarios. ``` **configuration** - - url `string, required` the URL of the MQTT broker @@ -580,7 +575,6 @@ It is not recommended to use this Module for production scenarios. ``` **configuration** - - projectId `string, required` the project id of the Google Cloud project @@ -607,7 +601,6 @@ It is not recommended to use this Module for production scenarios. ``` **configuration** - - url `string, required` the URL of the broker @@ -674,7 +667,6 @@ It is not recommended to use this Module for production scenarios. **OAuth2** The OAuth2 authentication type is used to authenticate the request to the webhook using the client credentials flow of OAuth2. The Connector will send a bearer token as part of the request in its Authentication header. The OAuth2 authentication is configured using the following parameters: - - **type** `"OAuth2", required` The type of the authentication. @@ -698,7 +690,6 @@ It is not recommended to use this Module for production scenarios. **ApiKey** The ApiKey authentication type is used to authenticate the request to the webhook using an API key. The Connector will send the API key as part of the request using a header. The ApiKey authentication is configured using the following parameters: - - **type** `"ApiKey", required` The type of the authentication. From 4df112012e98e8e37968e6980fe0fde52263d435 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Fri, 11 Jul 2025 12:29:10 +0200 Subject: [PATCH 05/10] chore: more placeholders --- _docs_integrate/examples/example.config.json | 2 +- _docs_operate/setup-with-docker-compose.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/_docs_integrate/examples/example.config.json b/_docs_integrate/examples/example.config.json index 0a59c47c3..8f5c0c259 100644 --- a/_docs_integrate/examples/example.config.json +++ b/_docs_integrate/examples/example.config.json @@ -13,7 +13,7 @@ "authentication": { "apiKey": { "keys": { - "default": { + "": { "key": " https://enmeshed.eu/integrate/connector-configuration#httpserver>" } } diff --git a/_docs_operate/setup-with-docker-compose.md b/_docs_operate/setup-with-docker-compose.md index eb2d38839..26045221e 100644 --- a/_docs_operate/setup-with-docker-compose.md +++ b/_docs_operate/setup-with-docker-compose.md @@ -140,7 +140,7 @@ To use the api platform hosted on the Connector you need to make the following c "authentication": { "apiKey": { "keys": { - "default": { + "": { "key": "" } } From b7836603486ce88da6bd5d2f8db306b5425abff1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Tue, 15 Jul 2025 14:55:36 +0200 Subject: [PATCH 06/10] chore: wording --- _docs_operate/configuration.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/_docs_operate/configuration.md b/_docs_operate/configuration.md index c77e06858..84a5a1efe 100644 --- a/_docs_operate/configuration.md +++ b/_docs_operate/configuration.md @@ -319,7 +319,7 @@ If multiple authentication methods are configured, the authentication methods wi } ``` -The apiKey authentication method is used to authenticate requests using an API key in a header. +The `apiKey` authentication method is used to authenticate requests using an API key in a header. - **enabled** `default: true (if api keys are configured)` @@ -330,11 +330,12 @@ The apiKey authentication method is used to authenticate requests using an API k The name of the header in which the API key is sent. Defaults to `X-API-KEY`. - **keys** `required` + + A map of API keys that are allowed to access the Connector. The key of each map entry acts as an id of the API key and the value is an object containing the actual API key and some additional configuration options. - **enabled** `default: true` Whether the API key is enabled or not. If set to `false`, the API key will not be accepted by the Connector. This can be used to temporarily disable the API key without removing it from the configuration. - A map of API keys that are allowed to access the Connector. The key is the id of the API key and the value is an object containing the actual API key and some additional configuration options. - **key** `required` The actual API key that is used to authenticate the request. This key must be kept secret and should not be shared with anyone. @@ -361,7 +362,7 @@ The apiKey authentication method is used to authenticate requests using an API k } ``` -The jwtBearer authentication method is used to authenticate requests using JSON Web Tokens (JWT). To configure this authentication method, you need to provide at least the following parameters: +The `jwtBearer` authentication method is used to authenticate requests using JSON Web Tokens (JWT). To configure this authentication method, you need to provide at least the following parameters: - **enabled** `default: true (if other options are configured)` @@ -393,7 +394,7 @@ For more sophisticated use cases, please refer to the [JWT documentation page](h } ``` -The oidc authentication method is used to authenticate requests using the OpenID Connect protocol. To configure this authentication method, you need to provide at least the following parameters: +The `oidc` authentication method is used to authenticate requests using the OpenID Connect protocol. To configure this authentication method, you need to provide at least the following parameters: - **enabled** `default: true (if other options are configured)` From 3a1f30714ac07cd073402b7a3a13b7590c6eae7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Tue, 15 Jul 2025 14:56:32 +0200 Subject: [PATCH 07/10] chore: wording --- _docs_operate/configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_docs_operate/configuration.md b/_docs_operate/configuration.md index 84a5a1efe..24849c237 100644 --- a/_docs_operate/configuration.md +++ b/_docs_operate/configuration.md @@ -321,7 +321,7 @@ If multiple authentication methods are configured, the authentication methods wi The `apiKey` authentication method is used to authenticate requests using an API key in a header. -- **enabled** `default: true (if api keys are configured)` +- **enabled** `default: true (if API keys are configured)` Whether the API key authentication is enabled or not. If set to `false`, no API keys will be accepted by the Connector. This can be used to temporarily disable the API key authentication without removing it from the configuration. From 83566c559a5979f2118a52dde757a1b286c993dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Tue, 15 Jul 2025 14:58:57 +0200 Subject: [PATCH 08/10] chore: wording --- _docs_operate/configuration.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_docs_operate/configuration.md b/_docs_operate/configuration.md index 24849c237..fbc38a194 100644 --- a/_docs_operate/configuration.md +++ b/_docs_operate/configuration.md @@ -297,9 +297,9 @@ The HTTP server is the base for the `coreHttpApi` Module. It opens an express HT } ``` -There are currently three authentication methods available for the HTTP server: `apiKey`, `jwtBearer` and `oidc`. At least one authentication method must be configured if the connector is running in [production mode](#debug). +There are currently three authentication methods available for the HTTP server: `apiKey`, `jwtBearer` and `oidc`. At least one authentication method must be configured if the Connector is running in [production mode](#debug). -If multiple authentication methods are configured, the authentication methods will be executed in the following order: `apiKey` > `jwtBearer` > `oidc`.

For example this means if you enabled `apiKey` and `jwtBearer` and send a wrong API key in combination with a valid JWT bearer token, the request will be rejected. Only sending a valid JWT bearer token will succeed. +If multiple authentication methods are configured, the authentication methods will be executed in the following order: `apiKey` > `jwtBearer` > `oidc`.

For example, this means if you enabled `apiKey` and `jwtBearer` and send a wrong API key in combination with a valid JWT bearer token, the request will be rejected. Only sending a valid JWT bearer token will succeed. {: .notice--info} ###### apiKey From 002594607bbb58340d352e74912ea3a6417f52e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Wed, 16 Jul 2025 14:55:35 +0200 Subject: [PATCH 09/10] chore: bullet points --- _docs_integrate/migration-from-v6-to-v7.md | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/_docs_integrate/migration-from-v6-to-v7.md b/_docs_integrate/migration-from-v6-to-v7.md index 1cf7bbfaf..568d373f7 100644 --- a/_docs_integrate/migration-from-v6-to-v7.md +++ b/_docs_integrate/migration-from-v6-to-v7.md @@ -39,12 +39,9 @@ The step-by-step instructions can be consulted to start the migration to version - The [image](https://github.com/nmshd/connector?tab=readme-ov-file#connector) used to run the Connector must be updated to version 7. - The [configuration]({% link _docs_operate/configuration.md %}) value `database.dbNamePrefix` of the Connector was removed. Before, it defaulted to `acc-`. If you want to access a database called `acc-connector`, you have to set the `database.dbName` configuration value to `acc-connector` instead of `connector` only. - Configuring apiKeys for the Connector has changed. - - The `apiKey` property in the configuration file has been replaced by a more structured configuration under `authentication.apiKey.keys..key`. - - Additionally, the support for the `API_KEY` environment variable has been removed, that could be used to define an API key using a short environment variable. As an alternative, the `authentication.apiKey.keys..key` configuration property can be set using [an environment variable]({% link _docs_operate/configuration.md %}#environment-variables). - - You can read more about the authentication configuration in the [configuration documentation]({% link _docs_operate/configuration.md %}#authentication). + - The `apiKey` property in the configuration file has been replaced by a more structured configuration under `authentication.apiKey.keys..key`. + - Additionally, the support for the `API_KEY` environment variable has been removed, that could be used to define an API key using a short environment variable. As an alternative, the `authentication.apiKey.keys..key` configuration property can be set using [an environment variable]({% link _docs_operate/configuration.md %}#environment-variables). + - You can read more about the authentication configuration in the [configuration documentation]({% link _docs_operate/configuration.md %}#authentication). ### Removed and Changed Data Structures From f6eb293523d3aaa1a8d5951b860fdfd7ba1e5986 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20K=C3=B6nig?= Date: Thu, 17 Jul 2025 07:33:07 +0200 Subject: [PATCH 10/10] chore: very chore :D --- _docs_integrate/migration-from-v6-to-v7.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_docs_integrate/migration-from-v6-to-v7.md b/_docs_integrate/migration-from-v6-to-v7.md index 568d373f7..142e5db66 100644 --- a/_docs_integrate/migration-from-v6-to-v7.md +++ b/_docs_integrate/migration-from-v6-to-v7.md @@ -38,9 +38,9 @@ The step-by-step instructions can be consulted to start the migration to version Alternatively, the database can be deleted as a whole and [set up again]({% link _docs_operate/setup-with-docker-compose.md %}). - The [image](https://github.com/nmshd/connector?tab=readme-ov-file#connector) used to run the Connector must be updated to version 7. - The [configuration]({% link _docs_operate/configuration.md %}) value `database.dbNamePrefix` of the Connector was removed. Before, it defaulted to `acc-`. If you want to access a database called `acc-connector`, you have to set the `database.dbName` configuration value to `acc-connector` instead of `connector` only. -- Configuring apiKeys for the Connector has changed. +- Configuring API keys for the Connector has changed. - The `apiKey` property in the configuration file has been replaced by a more structured configuration under `authentication.apiKey.keys..key`. - - Additionally, the support for the `API_KEY` environment variable has been removed, that could be used to define an API key using a short environment variable. As an alternative, the `authentication.apiKey.keys..key` configuration property can be set using [an environment variable]({% link _docs_operate/configuration.md %}#environment-variables). + - Additionally, the support for the `API_KEY` environment variable has been removed, that could be used to define an API key using a short environment variable. As an alternative, the `authentication.apiKey.keys..key` configuration property can be set using an [environment variable]({% link _docs_operate/configuration.md %}#environment-variables). - You can read more about the authentication configuration in the [configuration documentation]({% link _docs_operate/configuration.md %}#authentication). ### Removed and Changed Data Structures