In this guide, we'll guide you through the process of adding and configuring the Intuitive API user for your SAFEQ Cloud instance
API User Configuration
To get started, we first need to create a new role for the "intuitive-api" user. This role needs to be locked down to a few select permissions, so does not require full admin access.
Step 1
Log in to your SAFEQ Cloud instance, locate your customer and head to Roles in the main menu system.
Click "Add"
Give the role a name, such as "Intuitive API User", and add the below view role permissions:
- ViewInputPort
- ViewOutputPort
- ViewReport
- ViewAccount
- ViewUser
- ViewLocations
Then click "Save"
Step 2
Next, we need to create the Intuitive account. Head to Users in the menu.
Click "Add"
Fill out the user details for the "intuitive-api" account. An example is provided below:
Step 3
Next, we need to apply our Access Control to the new Intuitive account. Head to Access control in the menu.
Click "Add"
Select the appropriate "Authentication Provider" for the Intuitive account.
Select the "Security Role" of "Intuitive API User"
In the "User or group name" field, either enter the username for your new Intuitive account and click "Search", or leave the field blank and search for the Intuitive account in the list.
Click the new Intuitive account, and ensure it is highlighted. Then click "Save".
Step 4
Finally, we need to generate an API key. Head to Security in the menu, select API access keys in the banner, then click "Add".
Fill out the API key details, and make a note of the API Key value. The required API permissions are listed below:
If "Automatic endpoint trust" is not enabled, you will need to authorise Intuitive's access during the setup in the SAFEQ Cloud interface. However, Intuitive / your partner will be able to inform you of the UUID for you to authorise against.
You can match the same role permissions to the API key for additional security. To do so, click "Advanced API Permissions" and give the key the same roles. As a reminder, we've included them below:
- ViewInputPort
- ViewOutputPort
- ViewReport
- ViewAccount
- ViewUser
- ViewLocations
With those details in hand, you've now created the required permissions for the Intuitive for SAFEQ Cloud configuration. For the next steps, ensure that you have sent over the username and API key to the required technical partner. Due to the security of the SAFEQ Cloud API, you do not need to inform Intuitive of the account password.
Intuitive Configuration
Once your Intuitive pod in Azure has been provisioned, with the login details supplied, you're ready to insert the API configuration details you collated in the prior steps into the Intuitive API Connection.
We've included below a handy Storylane demonstration for inserting these details, although alternatively you can continue reading this article.
To get started, log in to the dashboards, and head to the Main Menu, then Connections, Edit Connection.
Open the connection below under:
Global -> SAFEQ
In the resulting screen, we need to supply in the relevant fields the details we obtained from the API User Configuration.
SAFEQ Tenant
Supply the URL to the target SAFEQ Cloud instance. This is the same URL you use to sign into SAFEQ Cloud, such as test123.eu.eophcp.com.
API Key
Paste in the API Key value from the SAFEQ Cloud interface.
Authentication Port
Enter the authentication port for your SAFEQ Cloud instance. The default value is 7400.
API Port
Enter the API port for your SAFEQ Cloud instance. The default value is 7300.
Client ID
Enter a unique GUID for your Intuitive configuration. You can check the current Endpoint GUID's in SAFEQ Cloud -> Infrastructure -> Endpoints
Username
Paste in the Username value from the SAFEQ interface.
Historical Data
Enter number of historical days to export from SAFEQ. Default value is 730.
Configuration Data
You can leave the default values.
With those values updated, ensure that the connection has been saved.
After saving your changes, the connection should then start to pull down the data from SAFEQ Cloud. In the event that it does not, you can trigger this manually by heading to the below location in Intuitive:
Main Menu -> Admin -> ETL Management
You can kick off a refresh of the feeds by clicking the refresh icon next to the connection of "SAFEQ". An example is listed below, but you can wait for the next refresh interval (120 minutes) instead:
Once the feeds have all refreshed (you can refresh their status via the refresh icon in the top left), you are now free to use the Intuitive for SAFEQ Cloud dashboards.
To learn more about each of the dashboards, click the QR code in the bottom left of the respective Intuitive for SAFEQ Cloud dashboard to open a YouTube tutorial.