Product Scoop – May 2022
Everyone’s got secrets. API tokens, database passwords, what you did last summer. We can’t help you with that last one. However, if you want to get your connection credentials under control, check out our brand new integration with AWS Secrets Manager. Also, spruce up your MS Teams Workbots with Tabs, securely share your recipes and connectors, and much more.
- Control secrets sprawl with AWS Secrets Manager
- Create beautiful, interactive views for your MS Teams Workbots
- SDK Connector Updates
- Share recipes and connectors securely with revokable links
- Basic auth support for the API Platform
- Connect everything
Control secrets sprawl with AWS Secrets Manager support for connections.
Secrets sprawl happens when you store your organization’s secrets, like passwords, encryption keys and other access credentials, across many locations and apps, making it hard to apply any kind of reliable security policy. Something as simple as password rotation requires you first to remember where all those passwords are stored. Worse still, secret sprawl leads to increased attack surfaces.
Stale, forgotten secrets off in the corners of your app ecosystem become points of vulnerability that an attacker can exploit. For this reason, many security professionals aim to centralize their secrets management in an external secrets manager, such as AWS Secrets Manager.
Now, you can use AWS Secrets Manager to store the credentials needed to authenticate to your apps and databases, and configure Workato to retrieve the credentials when a connection is needed.
Using AWS Secrets Manager with Workato
By default, when creating a connection in Workato, you supply the credentials, like username, passwords, or tokens, directly in the Workato UI. Workato stores the credentials, encrypted by a unique, connection-specific key.
When using AWS Secrets Manager, you instead store the credentials there, and create a policy that allows Workato to access them. When you create the connection in Workato, instead of supplying the credentials themselves, you supply a reference to the credentials stored in AWS.
This means that Workato can connect to your apps and databases without actually storing your credentials at all.
Benefits of secrets management
Many organizations require centralized secrets management to control and protect the credentials from unauthorized access and distribution. Increasingly we see a demand for Workato to use credentials stored in a customer-managed secrets manager. Using an external secrets manager to store your connection credentials confers several benefits:
Storing your secrets only in a dedicated secrets manager helps protect your organization against potential compromise of credentials and connections. When you integrate with AWS Secrets Manager, your credentials are not stored in Workato at all.
CENTRALIZED SECRETS MANAGEMENT
Centralized secrets management is the opposite of secrets sprawl. With all your secrets managed in one place it’s easy to create and enforce security policies such as policy-driven storage, encryption of credentials and time-bound secret rotation. It’s also simple to audit all access to your secrets over time.
Use of AWS Secrets Manager to establish connections in Workato gives you more control over how and when those credentials can be accessed. You can revoke Workato’s permissions to access any secrets, at any time.
Check out the full launch blog to learn more.
Create beautiful, interactive views for your MS Teams Workbots
As useful as bots can be, having to remember typed commands every time you want to use them isn’t the best experience. Modern apps in Slack and MS Teams use a personalized visual interface to surface functionality to the user, with buttons, menus and inputs taking the place of text commands.
With support for the Tabs feature, your Workbots for MS Teams can now display multiple, personalized tabs to help your users discover all the functions and value of your bots.
Like other views in MS Teams, Tabs are built on Adaptive Cards, but you can create Tabs in Workato’s visual builder without needing to write Adaptive Cards JSON.
Build custom dashboards
Bring together data from multiple apps in Workato to build custom dashboards. Showcase the latest key metrics, create sales leaderboards, introduce new employees, or pretty much anything else you can think of.
Create personalized experiences
Personalization is a great way to increase your bot’s value. Because you have access to the user’s ID in the recipe builder, you can always personalize the content of your tabs to each individual user. For example, show a custom list of tasks, like active leads assigned to the user, or open PTO requests. You can also surface different actions, depending on the user’s role.
SDK Connector Updates
Getting all the apps you need hooked up to your automation platform is an ambitious and moving target. Not only is the total number of apps you use growing year over year, you’re also replacing apps over time as your needs change.
That’s why, in addition to our suite of Workato-created connectors, and the community library of connectors created by customers and partners, we’re continually improving our Connector SDK. With the Connector SDK, you can quickly create fully-functional connectors that look just like Workato-created connectors and are just as simple and easy for your teams to use. Here’s what’s new with Connector SDK this month.
Debug connections from the Workato UI
To provide a smooth user experience, you need to be able to fully test your connectors, and that includes the connection experience itself. You can now debug your connections in the Workato UI. The debugger shows complete details of the input and output of the connection request, plus any error messages or console logs.
Create custom actions
Custom actions are a catch-all action for the API your connector works with. Custom actions let your users define their own API request without having to create it from scratch, since they’re already authenticated through the connector.
You can now add custom actions to your connector with a single line of code.
Generate schema from a sample
Defining the schema for the input and output of each of your connector’s actions can be laborious. To save you some time, we’ve added a tool you the Connector SDK’s command line interface to instantly generate a Workato schema from a sample CSV or JSON file.
Share recipes and connectors securely with revokable links
While recipes and custom connectors can be shared publicly through the Community Library, you may want to share assets with a smaller group of coworkers or peers. While it’s already possible to share recipes via a private permalink, we’ve now made private sharing even more secure and manageable.
You can now generate a unique sharing link for a recipe or custom connector on demand. You can revoke a link at any time to limit the window in which your assets are available.
Basic auth support for the API Platform
When you publish enterprise APIs, you often need to serve a range of clients with different capabilities. Workato’s API platform supports a range of industry-standard authentication methods, including Oauth 2.0 and JSON Web Tokens.
Basic auth is not a recommended authentication method, but as an API publisher, you’re often constrained by the capabilities of your clients, and in some cases, basic auth may be the only option a client can support. For this reason, we’ve added support for basic auth to the API Platform.
Wrangle your contacts in Outlook
The Outlook connector now supports new triggers and actions to:
- Trigger a recipe when new contacts are added
- List and search contacts
- Create, update and delete contacts
Sync contacts between your apps
Capture contacts from your HR Platform, CRM or databases. Import them to Outlook and sync updates between apps, regardless of where the change is made.
Supplement your Outlook contact information with information from external sources to put key information at your team’s fingertips when they reach out.
Optimize your recruitment analytics with Greenhouse
Data from your recruitment platform is critical when you want to analyze your recruitment journeys and employee lifecycle. It’s common to sync data from your recruitment platform to your cloud data warehouse for analysis alongside data from other systems of record.
To make this process more efficient, we’ve added batch support to our Greenhouse connector. You can now capture new and updated candidates, applications, job posts, jobs, offers, interviews, and scorecards in batches for processing.
Connect securely to Jira on-prem with Personal Access Tokens
We’ve updated our Jira connector to support authentication with Personal Access Tokens (PATs), in addition to basic auth. Authentication via PATs allows you to instantly remove access to your Jira instance at any time by revoking the token.
Upload those big files to Azure Blob
Okay, your files are big, quit bragging. To support bulk data uploads into Azure Blob we’ve reinforced the upload files action to support uploads of files up to 15GB.
Large file uploads now work asynchronously, so there’s no need to worry about your job timing out. Large data syncs and backup jobs are no problem.