Using API Credentials with Copado

Please use the following instructions to specify an API key value provided by DigitSec for authentication with Copado rather than using a Username and Password. This is particularly helpful for organizations that wish to use Single Sign-On and Copado.

In addition to configuring settings on Salesforce/Copado, you will need access to the Integrations-> API tab of the DigitSec Workspace you wish to connect to Copado. Your user account must have permissions to initiate scans for that Workspace.

Please take note that it is important that field labels and values are case-sensitive, so it is important to match the labels and values in these instructions. 

1. On your Salesforce where Copado is installed, navigate to Setup -> Named Credentials.
2. Click on the "External Credentials" tab.
   
3. Click the "New" button.
4. For both the "Label" and "Name" inputs, please enter "digitsecAPI". Use the dropdown menu for "Authentication Protocol" to select "Custom". Please see match what you see in the screenshot below.
   
5. In the Principal Section, click New. For the "Parameter Name" input, you may enter a value of your choice. Click the "Add" button next to the "Authentication Parameters" section. In the "Name" field, please enter "Clientid" and in the "Value" field, please enter your DigitSec API token from the Workspace you wish to connect. Once the values have been entered, please click the "Save" button.
   
6. Click the "New" button in the Custom Header section. For the "Name" field, please enter "apitoken". For the "Value" field, enter "{!$Credential.digitsecAPI.ClientId}". Complete this entry by clicking the "Save" button.
   
7. Return to the "Named Credentials" tab and click the "New" button. For both "Label" and "Name", enter "digitsec1" as the value. The URL should be "https://s4.digitsec.com". The "Enabled for Callouts" switch should be "ON". Under the "Authentication" section header, use the drop down to select "digitsecAPI" for the External Credential. Under the "Callout Options" section header, Generate Authorization Header should be left unchecked; "Allow Formulas in HTTP Header" should be checked. Complete this entry by clicking the "Save" button. 
   
8. Use the Salesforce navigation to visit "Setup -> External Services" and click on "DigitSecService". Click on the "Edit" link and then select the credentials that you created in Steps 1-7 ("digitsec1"). Click "Save & Next".
   
   
9. Please modify the Profile or the User who will be running Copado and grant access to the External Credential Principal. 
   
   Use the Salesforce navigation to vist "Setup -> Profiles -> <Selected Profile> -> External Credential Principal Access". 
   
   See the screenshot below for an example of adding access to a Profile. Once digitsecAPI is in the "Added" zone, click "Save".
   

The DigitSec Copado extension should now rely on the External Credential that uses the DigitSec API key instead of the Username and Password as used in DigitSec other instructions for Copado.