Skip to main content

Mint Configuration

In the Configuration page you can view and manage settings for your flows, such as variables (upcoming feature) and secrets.

Prerequisites

In order to manage your Mint configuration, you need to have the following roles:

  • Mint Admin
  • Mint Editor

Without a role that gives you the minimum amount of access, you are not able to view, create or update secrets and variables.

Roles and permissions

Signicat Mint relies on the Identity and Access Management (IAM) policies at the core of the Signicat Dashboard. To learn more about roles and permissions, see the Managing roles and permissions documentation.

Secrets

Secrets allow you to store sensitive data, such as access tokens, signatures or secure keys, that you want to hide from view and reuse across different flows. You can use these secrets as input in supported steps across all flows.

Secrets have the following properties:

  • Secrets consist of a key (visible) and a value (obfuscated).
  • Mint always obfuscates the value of your secrets, including in the Mint Builder and Journeys.
  • You cannot view a secret value after creation, only edit it. A secret is hidden forever.
  • You can reuse and import secrets in all your flows.
  • After you delete a secret, you need to update the workflows where it is referenced.

We recommend using secrets when you want to pass credentials or encryption keys to authenticate with an API, a third-party system and in bring-your-own-credential flows.

What steps support secrets?

You can use your secrets in the following steps:

  • Connection steps: Input to the request headers, body and signing key.
  • Create JWT: Input to the signing and encryption keys.

How to add secrets

To add secrets in the Mint Configuration:

  1. Go to Signicat Mint > Configuration.
  2. Select + Add secret.
  3. Enter a name to identify the secret, for example "My Secret". You use this when importing a secret in your flows.
  4. Enter a value. This is the sensitive part you want to obfuscate.
  5. Select Save secret to create the secret.
Secret value

Note that you can view the value of the secret in clear text, when you first create the secret. You can always edit the value or generate another secret.

In the Configuration page, you can now find details about the secret creation and update date.

Mint Configuration interface

Mint Configuration interface

How to import secrets in your flows

You can import secrets in your flows by referencing them by name/key when configuring a step in the Mint Builder.

For example, let's imagine a scenario where you want to perform a token exchange process to authenticate with the authorization server's token endpoint of an API in your Mint flow. According to the client_secret_post flow, you pass the client ID and client secret in the body of the POST (HTTP) request to the token endpoint.

The Send HTTP request step allows you to achieve the above scenario in Mint by doing the following:

  1. Go to Signicat Mint > Builder and create a new flow.
  2. In the Builder canvas, select the plus icon (+). Then, select Step to add a new step.
  3. Select the Connections > Send HTTP request step to configure an HTTP request.
  4. Enter a Request URL, then set the HTTP Method to POST.
  5. To add your Mint secret in the Body, fill in the following fields:
    • Key: Enter client_secret. This is the default key in a client_secret_post request.
    • Value: Select the + icon to open the variables menu. Under Secrets, select the name of the secret you previously created in the Mint Configuration, for example "My Secret".
    Complete step configuration

    To create an HTTP request to authenticate to an API with explicit client credentials, you might need to add these settings:

    • Request URL: The authorize endpoint URL. For example: https://api.example.com/auth/open/connect/token.
    • HTTP Method: POST
    • Content Type: Form Data
    • Body (key:value):
      • grant_type: client_credentials
      • scope: The scope requested by the API. For example, signicat-api
      • client_id: The client ID.
      • client_secret: The client secret.

When you save, publish and run your workflow, Mint passes the secret value to the key you entered in your step configuration.

How to edit secrets

You can edit secrets in the Mint Configuration. To do this:

  1. Go to Signicat Mint > Configuration.
  2. Select the Edit icon () next to an existing secret.
  3. To edit the secret name, select the Secret name box and enter a new name.
  4. To edit the secret value, select the Secret value box and enter a new value.
  5. Select Save changes to update the secret.

When you edit a secret, you override the previous configuration.

Important

When you edit the value of a secret, the flows that import the secret will use the new value.

Note that changing the secret name does not break existing flows, since flows import secrets through a reference ID.

How to delete secrets

You can delete secrets in the Mint Configuration. To do this:

  1. Go to Signicat Mint > Configuration.
  2. Select the Bin icon () next to the secret you want to delete.
  3. Enter a name to identify the secret. You use this when importing a secret.
  4. Enter a value. This is the sensitive part you want to obfuscate.
  5. Select Save secret to create the secret.
Important

After you delete a secret, make sure to update the flows where the key is referenced, or else the user journey will fail at runtime.

On this page