EventNative
EventNative
GitHub
Docker Hub
Welcome to EventNative
Changelog
Deployment
🚀How it works
Architecture
Pipelines
Directories Structure
✈️Sending Data
JavaScript Reference
Event API
⚙️Configuration
General Configuration
Authorization
SQL debug logs
Schema and Mappings
Enrichment Rules
Destination Configuration
Sources Configuration
Other Features
Retrospective User Recognition
Events Cache
Geo Data resolution
Typecast
Admin Endpoints
Application Metrics
Scaling EventNative
Tips and tricks
Setting up Warehouses
Powered by GitBook

Authorization

EventNative supports two types of authorization: client/server secrets and admin token.

Client/server secrets authorization

All incoming events should pass client/server secrets authorization depends on the endpoint type:

  • /api/v1/event - client secret authorization;

  • /api/v1/s2s/event - server secret authorization.

Secrets objects configuration has all fields optional:

Field

Type

Description

id

string

Unique identifier of secrets object

client_secret

string

Client token is used in client endpoint authorization

server_secret

string

Server token is used in server endpoint authorization

origins

string array

An array of allowed request origins. Values can be with wildcard e.g. "abc*" will allow requests from abc.com, abcd.com, etc.

EventNative supports reloadable client/server secrets authorization configuration from an HTTP source, from a local file, and from YAML structure in app config.

HTTP URL

server:
  auth: 'https://token-source.com/path'
  auth_reload_sec: 30

Authorization will be reloaded every auth_reload_sec seconds. Default value is 30.

HTTP requests are sent with If-Modified-Since header. If HTTP response returns 304 code -authorization isn't reconfigured. If authorization content was changed (or logic isn't supported) - HTTP response must return 200 code, Last-Modified header, and body with the following structure:

{
  "tokens": [ #array of json objects
    {
      "id": "uniq_id_1",
      "client_secret": "123dasbc",
      "server_secret": "abcc22",
      "origins": ["abc.com", "*.yourdomain.com"]
    }
  ]
}

Local file

Tokens file must have the same payload as the HTTP response body above.

server:
  auth: 'file:///home/eventnative/app/res/tokens.json'
  auth_reload_sec: 30

YAML configuration

Authorization can be configured via YAML array of objects.

YAML array
YAML array
server:
  auth:
   -
    id: unique_tokenId
    client_secret: bd33c5fa-d69f-11ea-87d0-0242ac130003
    server_secret: 5f15eba2-db58-11ea-87d0-0242ac130003
    origins:
      - '*abc.com'
      - 'efg.com'
   -
    id: unique_tokenId2
    client_secret: 123jsy213c5fa-c20765a0-d69f003
   -
    id: unique_tokenId3
    server_secret: 231dasds-3211kb3rdf-412dkjnabf

Also, authorization can be configured via plain string. In this case, plain string will be parsed as client secret.

Plain string
Plain string
server:
  auth: 193b6281-f211-47a9-b384-102cf4cd2d55 #client secret

Admin token authorization

⚙️Configuration - Previous
General Configuration
Next
SQL debug logs
Last updated 3 months ago
Contents
Client/server secrets authorization
Admin token authorization