Bridge agent Settings | Qntrl | Bridge | Online Help | OAuth Configuration | SSL Configuration

Bridge agent settings

Once the Bridge agent is set up, you can log in to the bridge agent to view and modify the allowed configuration as needed. To do this:

  1. In Qntrl, navigate to (settings) >> Advanced >> Bridge, then select your bridge.

  2. Hover your cursor over the bridge name, then click on the action menu, and select Open Agent.

      

  1. This will direct you to the bridge agent login page. Log in with your username and password.

      

  1. Click the   (settings) icon at the top right of the header bar.

  2. The following settings options will appear on the left pane.

    1. Configuration

    2. Reset Password

    3. Credentials

    4. Configure OAuth

    5. Configure SSL

  3. From the options, you can click on the desired action to perform various configuration tasks.

      


View Bridge agent configuration   

Click Configuration from the left pane to view the following bridge agent configurations:
  1. Bridge Configuration: Displays details such as Organization Name, Bridge Name, Registration Key, Polling Interval, and Installation Directory.
  2. Version Details: Displays the bridge version.
      
     

Change login password   

To change the login password:
  1. Click Reset Password from the left pane.
  2. Enter your Current Password and New Password.
  3. Click Save to update the login password. 

      


Store credentials in Bridge   

As outlined in the Credentials section, Bridge provides the capability to securely store credentials for your database, application, or remote machine within its Credentials module, ensuring seamless access and connectivity. Additionally, Bridge offers an alternative option to store credentials within the Bridge agent, allowing you to keep them within your network instead of in the cloud (i.e., Qntrl account), based on your security policies.
 
To store a credential within bridge agent, follow the below steps:
  1. Click Credentials from the left pane.
  2. Click the Add Credentials button present at the top right of the page.
  3. Enter the Credential details.
    1. Credential Name: Give a name to the Credential.
    2. Type: Click the dropdown menu, select the suitable Credential type based on the service you wish to connect with, and complete the relevant fields associated with the chosen Credential type. For instance, if you intend to perform a task within the AD module, choose Type as 'Active Directory'.
      1. API - Provide API Key
      2. JDBC - Provide User Name and Password
      3. SSH Provide Public Key/Password
      4. PowerShell - Provide User Name and Password
      5. Active Directory - Provide User DN and Password
      Refer to the below section, Types of Credentials for more insights into the credential type used.

     
  4. Click Save. The credentials will be stored and ready for use.

      


Types of Credentials       

1. API  

Allows access to APIs for data retrieval, updates, or specific actions. When you choose Type as API, input the following details into the respective fields.
  1.  Append ToSelect the Parameter or Header to append the credential
  2. TokenEnter the API token generated in the target service, included in the API request header or parameter.
  3. Header Name: If the Append To field is selected as Header, enter the name of the HTTP header carrying the API token (e.g., Authorization, API-Key, Bearer).
  4. Parameter Name: If the Append To field is selected as a Parameter, enter the query parameters or request body parameters containing the API token.

2. JDBC 

Grants access to a database connection by establishing a connection with a database using the provided username and password. Upon selecting JDBC as the credential type, fill in the following field details.

  • Username: Username associated with the database account.

  • Password: Password for the corresponding username to authenticate database access.

3. SSH (Secure Shell) 

Enables secured connections to UNIX and Linux devices by executing commands over SSH protocol. This credential type has two modes of authentication.

 

i. Password Authentication:

This method employs standard password protection. Users provide a password for access.

ii. Key-Based Authentication:

Cryptographic concept of authentication, where two keys, Public Key and Private Key are used. Public Key is designed to be shared openly, and used for encryption and signature verification, while Private Key is kept secret and is used to decrypt data and create digital signatures. The data encrypted with the public key can only be decrypted with its corresponding private key.

Fill in the following fields with the relevant details:
  1. Authentication ModeSelect the authentication mode Password/Public Key
      Password
  • User Name: Username on the target machine.
  • Password: Password for script execution.
     Public Key   
  • User Name: Username on the target machine.
  • Identity: Location of the Private Key.
  • PassphrasePassword that can be added optionally for an extra layer of security during the key generation.

4. PowerShell 

Used for secure connections with Windows machines by executing Powershell commands. If you've chosen Powershell as the credential type, provide the following details in the designated fields.

  • User Name: Username on the Windows machine.

  • Password: Password associated with the machine for script execution.

5. Active Directory 

Used for authentication and accessing resources within an Active Directory environment. For AD credential types fill in the following details.

  • User DN: Distinguished Name of the Active Directory.

  • Password: Active Directory password.


OAuth Configuration  

This section is used to authorize and establish a connection with the File module, facilitating file management activities. Certain file operations that demand significant resources cannot be efficiently executed over a WebSocket connection, hence requiring the utilization of the HTTPS protocol, which can be verified through OAuth configuration.

 

Pre-requisite

Before proceeding, ensure that you have registered your application with Qntrl and received the Client ID and Client secret to initiate authorization. Refer to the Register Your Application section for procedures to register your application.

 

Configuring OAuth for Connection

Follow the below steps to configure OAuth for your connection:
  1. Select Configure OAuth from the left pane.
  2. If you've registered your application before, enter your Client ID and Client Secret.
    • Client ID: Unique identifier you receive when you register your application with Zoho.
    • Client Secret: A unique key generated upon registering your application with Zoho.
    • Authorized redirect URI: URI endpoint for client-based applications to which Zoho Accounts has to redirect the user-agent with the access token after authorizing the client.

      

To register your application and generate a Client ID and Client Secret, select the '+' icon next to Client ID and follow the registration process outlined in the Register your Application section, commencing from step 3.

  1. Click Save and Connect.

  2. Upon successful authorization, the connection will be created and the status will be shown as Connected.

  1. You have the option to modify or revoke the connection you've created by simply clicking the Edit or Revoke buttons.

Register your Application    

You must register your application through the Zoho API Console, to receive your Client ID and Client Secret. Follow these steps to register your application successfully:
  1. Visit the Zoho API Console by navigating to the official website Zoho API Console and click GET STARTED.

      

  1. Choose the "Server-based Application" client type and click CREATE NOW.

      

  1. Provide the following details:

    1. Client Name: Enter the name of the application you want to register with Zoho.
    2. Homepage URL: Input the URL of your application's web page.
    3. Authorized Redirect URIs: Specify a valid application URL to which Zoho Accounts will redirect you, providing a grant token (code) upon successful authentication.
  2. Click CREATE.

      

  1. Upon successful registration, you will receive the following credentials:

Client ID: The consumer key generated from the connected app.

Client Secret: The consumer secret generated from the connected app.

      


For more in-depth information about OAuth integration with Zoho, you can  refer to Zoho's OAuth documentation 

  • The Client Name should not include any special characters except for "_" and "&."


Configure SSL 

By default, the bridge server runs in HTTP mode on port 8500. You can enable HTTPS by following the steps below.  

Prerequisites  
Ensure OpenSSL version 1.0 is available in the system path.

Configure SSL  

  1. Fill in the Following Fields:
    • Private Key: Upload the private key file of your server, used to digitally sign your Certificate Signing Request (CSR) and to secure and verify connections to your server. Learn more about private keys.
    • Root Certificate: Upload the Root SSL certificate issued by a trusted certificate authority (CA).
    • Intermediate Certificate: Upload the intermediate certificate that acts as a bridge between a root certificate and an entity certificate, providing an extra layer of security.
    • Server Certificate: Upload the server certificate, typically issued to hostnames, representing the bridge server. Enabling HTTPS is mandatory if a server certificate is uploaded.
  1. Enable the Enable Https checkbox.
  2. Click Save Keystore. The bridge will restart in HTTPS mode.

      

 

Sample to Create Configuration Files and Generate Certificates     

1. Create a Configuration File

Create a file with the following sample content and save it as <name.conf>.
[req]
distinguished_name = req_distinguished_name
req_extensions = req_ext
prompt = no
 
[req_distinguished_name]
C = {Your country code}
ST = {Your state}
L = {Your city}
O = {Your organisation}
OU = {Your org unit}
CN = {Your bridge domain}
 
[req_ext]
subjectAltName = @alt_names
 
[alt_names]
DNS.1 = {Your bridge domain}
This file contains the details for the certificates.

2. Create a Private Key

Execute the following command in the terminal:
openssl genrsa -out {bridge_domain}.key 2048

This command will create a .key file, which has to be uploaded to the Private Key field

3. Create a CSR (Certificate Signing Request)

Execute the following command to create a .csr file. You will need this to obtain the server certificate from your Certificate Authority.

openssl req -new -key {bridge_domain}.key -out {bridge_domain}.csr -config cert.conf

4. For Testing: Create a Self-Signed Server Certificate

Execute the following command to create a server certificate for testing purposes.

openssl req -key {bridge_domain}.key -new -x509 -days 365 -out {bridge_domain}.crt -config cert.conf

This will create a server certificate for testing purposes.


Truststore  

The bridge truststore is used for all outbound calls from the bridge. You can upload certificates that the bridge needs to trust.

For example, if the bridge needs to consume private network APIs and the server certificate is not signed by a CA, you must upload that server certificate to this truststore to make the API accessible from the bridge.

    • Related Articles

    • Install Bridge

      Follow the below step-by-step procedures to configure and use Bridge in Qntrl. Step 1: Download the Bridge agent Only one Bridge agent can be installed per machine. To download a bridge agent in Qntrl: Navigate to (settings), under Advanced click ...
    • Other actions in Bridge

      View / Edit Bridge properties Follow the given steps to view or edit the properties of a bridge: Click the settings gear icon located in the left pane. Navigate to Advanced >> Bridge >> choose Bridge. In the Bridge list page, choose the specific ...
    • Overview of Bridge

      What is a Bridge? Bridge is an installable, lightweight independent agent that can be deployed on the customer’s local network. It is compatible both on Windows and Linux machines with 32 and 64-bit OS. Its role is to facilitate communication between ...
    • Use case for Bridge: Connect with remote databases using Bridge

      Most organizations secure their remote databases using firewalls. If you are looking for a way to navigate these firewalls to access remote databases, Bridge can be of help. Let us try to solve a real-time business case where Bridge is used to access ...
    • Quick access settings in Boards

      You can quickly edit and update the board using the quick settings. Navigate to the Boards module. Hover over the respective board under My Boards . Click the more options icon . Below are the edit functionalities supported through quick access ...

    You are currently viewing the help articles of Qntrl 3.0. If you are still using our older version and require guidance with it, Click here.