Log in to Bridge Agent 

Once the Bridge Agent is installed and running, you can log in to manage its configurations and services. To do this:

1. In Qntrl, navigate to (Settings) >> Advanced >> Bridge and click Bridge.

2. Hover over the preferred bridge name, then click on the action menu, and select Open Agent.

3. This redirects you to the Bridge Agent login page in your browser.

4. First-time users must sign up by providing a Username, Password, and Confirm Password to create your login credentials. After registration, you can log in using the same username and password.      
   

Bridge Agent  Interface Overview

The Bridge Agent interface provides a centralized view of all services and modules connected to your Bridge.

Left Pane:

The left pane displays all available Services and their associated modules.

• When the Bridge Agent is installed, the Core service and its default modules are added automatically.

• Selecting a service opens three functional sections:

• Messages

• Logs

• Configurations

• Click any task within a module to view its task-level messages and configurations.

Refer to the Service Section below for detailed explanations.

Bridge Status:

The connection status of the Bridge Agent is displayed at the top-right corner of the page.

Bottom Icons:  

Located at the bottom of the left pane:

• Logs – View global Bridge logs.

• Settings – Manage all administrative and security-related configurations for the Bridge. Refer to the Bridge Agent Settings section below for more information.

• Logout – Sign out of the Bridge Agent

Service Section   

Each service contains three main sections: Messages, Logs, and Configurations.

Messages    

Displays the list of messages executed under that service.

• You can filter messages by their execution status using the All Messages dropdown.

• Click an ID to open its detailed view, which includes Payload (the request sent to Bridge) and Response (the result returned after execution).

Logs    

• Live Logs: Shows real-time updates for ongoing service executions.

• View Log Files: Browse complete log files for any service.

• Download Log File : Download logs for troubleshooting or debugging.

If the bridge is disconnected from the cloud, logs can still be downloaded locally from this section.

Configurations   

Displays configuration widgets for both System Modules and Custom Modules under the selected service. You can review and manage all configuration parameters from this section to ensure the Bridge is properly set up for your workflows.

Global Bridge Logs

Click the logs icon at the bottom of the left pane to view overall Bridge logs, separate from service-level logs.

This page allows you to:

• View consolidated logs generated by the entire Bridge.

• Download global logs for investigation or debugging.

• Track Bridge-level issues outside individual services.

Bridge Agent Settings  

• Configuration
• Reset Password
• Credentials
• Connections
• Configure SSL

Select any option to perform the respective configuration tasks.      
 

Configuration      

View key details about your Bridge installation.

• Configuration:

• Org Name – Name of the organization connected to the Bridge.

• Bridge Name – Shows the registered Bridge name.

• Installation Directory – Indicates the local installation path.

• Version Details – Displays the installed Bridge version.   
  

Reset password      

Use this option to change your Bridge Agent login password.

1. Click Reset Password.

2. Enter your Current Password and New Password.

3. Click Save to update the password.

Credentials 

1. Click Credentials.
2. Click Add Credentials on the right.
3. Enter the Credential details.
1. Credential Name: Provide a name to the Credential.
2. Type: Select the type of credential based on the target service and enter the required authentication details. Refer to the below section, Types of Credentials for more insights into the credential type used.
4. Click Save. 

Types of Credentials       

1. Basic   

• Username
• Password 

2. API     

• Append To: Select whether to append the credential to a Parameter or Header.
• Parameter/Header Name: Enter the name of the parameter or header, based on the option selected in the Append To field.
• Token: Provide the API token generated in the target service. This token will be included in the API request as a header or parameter.A

3. JDBC    

1. Username: Username associated with the database account.
   
2. Password: Password for the corresponding username to authenticate database access.
   

4.OAuth 

• Connection ID: Select an existing OAuth connection from the list.  

5. SSH (Secure Shell)   

Enables secure connections to UNIX and Linux devices using the SSH protocol with password or key-based authentication.

Key-based authentication uses a cryptographic key pair, a public key shared openly for encryption and verification, and a secret private key for decryption and signing. The data encrypted with the public key can only be decrypted with its corresponding private key.

• Authentication Mode: Select the authentication mode Password/Public Key
• Password:
• User Name: Username on the target machine.
• Password: Password for script execution.
• Public Key:
• User Name: Username on the target machine.
• Identity: Location of the Private Key.
• Passphrase: Password that can be added optionally for an extra layer of security during the key generation.

6. PowerShell    

Used for secure connections with Windows machines by executing Powershell commands.

Fields:

• User Name: Username on the Windows machine.

• Password: Password associated with the machine for script execution.

7. Active Directory    

• User DN: Distinguished Name of the Active Directory.
• Password: Active Directory password.

8. NTLM   

• Username: The Windows account username
• Password: Password used for authentication.
• Domain: The domain associated with the Windows account.
• Hostname: The hostname of the Windows machine.

Connection   

Before creating a connection, ensure you have:

1. Registered your application in Qntrl.

2. Obtained a Client ID and Client Secret to initiate authorization.

Configure OAuth Connection   

1. Select Connection and click New Connection.

2. Connection Name: Enter the connection name.

3. Type: Choose the connection type

• Zoho – For Zoho Services.

• Others – For external applications.
  

4. Grant Type: Select the OAuth method used to obtain access tokens for this connection.
   

1. For Zoho connections
   

1. Authorization Code (default)
   

2. For Other connections
   

1. Authorization Code
   

2. Client Credentials
   

5. Client ID: The unique identifier provided by the connected service for this application. For Zoho connections, Click the + icon next to Client ID to register your application and generate credentials.  Refer to the Register Your Application section for procedures to register your application.
6. Client Secret: The secret key issued by the service to authenticate your application.
7. Redirect URI (auto-filled): The URL where the service will send the authorization response.
8. Scope: The set of permissions your connection will request. Refer to Qntrl API documentation for supported scopes.
9. Delimiter: The character used to separate multiple values, if required by the service.
10. Provide the Authorize URL, Refresh Token URL, Access Token URL, and Revoke Token URL.
11. Add the Additional Properties if required.
12. Click Save and Connect to save the details and create a connection.

Managing Connections  

Click on the connection ID to open the connection details page. You can perform the following actions:

• Status: View the current status of the connection in the Status field.

• Edit: Update the configuration as needed. After making changes, click Save.

• Revoke: Use the Revoke button at the bottom of the page to invalidate the connection when it is no longer required.

​

Delete a Connection  

In the list view, hover over the connection name to reveal the Delete option. Click Delete to permanently remove the connection.

​

Register your application   

When registering your application:

1. Click the + icon beside Client ID in the Connection setup.

2. Log in to your Zoho developer console.

3. By default, Server-based Application is selected as the client type.

4. Enter the following details:

• Client Name (only “_” and “&” special characters allowed)

• Homepage URL

• Authorized Redirect URI (copy this from Bridge Agent)

5. Click Create to receive your Client ID and Client Secret.
   

Configure SSL    

By default, Bridge runs on HTTP (port 8500).
You can enable HTTPS to secure communication between the Bridge and Qntrl.

Prerequisites      

Before enabling HTTPS for the Bridge, ensure that the following requirements are met:

OpenSSL Version Requirement     

Qntrl Bridge currently requires OpenSSL 1.x. To enable HTTPS, ensure that OpenSSL 1.x is installed on the Bridge host computer.

If OpenSSL 3.x or any other version is installed, follow the steps below to install OpenSSL 1.x.

Install OpenSSL 1.x     (Linux)

1. Download the OpenSSL 1.x source archive using the following command: wget https://www.openssl.org/source/openssl-1.1.1w.tar.gz

2. Extract the downloaded archive: tar -xvzf openssl-1.1.1w.tar.gz

3. Navigate to the extracted directory: cd openssl-1.1.1w

4. Configure the installation directory for the OpenSSL(e.g., /opt/openssl-1.1.1w): ./config --prefix=/opt/openssl-1.1.1w

5. Ensure the GCC compiler is installed. If not, update the system and install GCC: sudo apt update && sudo apt install gcc

6. Build OpenSSL: make

7. Install OpenSSL: sudo make install

8. Verify the OpenSSL installation: /opt/openssl-1.1.1w/bin/openssl version

9. Add the following lines to your .bashrc file to update environment variables:

            export LD_LIBRARY_PATH=/opt/openssl-1.1.1w/lib:$LD_LIBRARY_PATH

            export openssl=/opt/openssl-1.1.1w/bin/openssl

Once HTTPS is enabled for the Bridge, you can remove these lines from .bashrc.

For Windows:

1. Download OpenSSL 1.x for Windows, from a trusted source like this link.

2. Extract the downloaded ZIP file into a folder and install.

3. Set the OpenSSL 1.x version as default in the environment path.

To generate configuration files manually or create SSL certificates, refer to the Sample to Create Configuration Files and Generate Certificates section for detailed examples.

Keystore   Configuration

1. Select Enable HTTPS.

2. Root Certificate: Upload root certificate issued by a trusted CA.

3. Private Key: Upload your server’s private key file used to sign the CSR and secure connections. Learn more about private keys.

4. Intermediate Certificate: Links root and server certificates.

5. Server Certificate: Certificate issued to your Bridge host. Enabling HTTPS is mandatory if a server certificate is uploaded.

6. Click Save Keystore.

The bridge will restart in HTTPS mode automatically.

Truststore Configuration

The Truststore is used for all outbound calls from the Bridge.

Bridge truststore aliases: Click Add and upload certificates that your bridge must trust, for example, if the Bridge accesses private network APIs using a server certificate not signed by a CA, upload that certificate to this trust store to allow the bridge to connect.

Sample to Create Configuration Files and Generate Certificates       

1. Create a Configuration File 

Create a file with the following sample content and save it as <name.conf>.

[req]
distinguished_name = req_distinguished_name
req_extensions     = req_ext
prompt             = no

[req_distinguished_name]
C  = {Your country code}
ST = {Your state}
L  = {Your city}
O  = {Your organisation}
OU = {Your org unit}
CN = {Your bridge domain}

[req_ext]
subjectAltName = @alt_names

[alt_names]
DNS.1 = {Your bridge domain}

This file contains the details for the certificates.

2. Create a Private Key 

Execute the following command in the terminal:

openssl genrsa -out {bridge_domain}.key 2048

This command will create a .key file, which has to be uploaded in the Private Key field.

3. Create a CSR (Certificate Signing Request) 

Execute the following command to create a .csr file. You will need this to obtain the server certificate from your Certificate Authority.

openssl req -new -key {bridge_domain}.key -out {bridge_domain}.csr -config cert.conf

4. For Testing: Create a Self-Signed Server Certificate 

Execute the following command to create a server certificate for testing purposes.

openssl req -key {bridge_domain}.key -new -x509 -days 365 -out {bridge_domain}.crt -config cert.conf

This will create a server certificate for testing purposes.  

Logout