REST API supports the following certificate management actions:
- Approve a connector certificate
- Approve a connector fingerprint
- Approve a destination certificate
- Approve a destination fingerprint
Approve a connector certificatelink
Approves a certificate for a connector, so Fivetran trusts this certificate for a source database. The connector setup tests will fail if a non-approved certificate is provided.
Requestlink
POST https://api.fivetran.com/v1/certificates
{
"connector_id": "projected_sickle",
"hash": "r+u4QL4MGvZe...",
"encoded_cert": "MIID9DCCAtygAwIBAgIBQjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxGzAZBgNVBAMMEkFtYXpvbiBSRF..."
}
Payload parameters
Name | Description |
---|---|
connector_id (required) |
The unique identifier for the connector. |
hash (required) |
Hash of the certificate. See how to get hash value in the Get connector certificate details section. |
encoded_cert (required) |
The certificate encoded in base64. See how to get encoded_cert value in the Get connector certificate details section. |
Responselink
HTTP 200 Success
{
"code": "Success",
"message": "The certificate has been approved"
}
Get connector certificate detailslink
To get the certificate details, retain the default when you create a database connector with the Fivetran REST API.
NOTE: Do not set
"trust_certficates": true
when you create a database connector with API.
The setup test verifying the certificate will fail with a message that includes the hash
and encoded_cert
parameters you need:
{
"code": "Success",
"message": "Connector has been created",
"data": {
...,
"setup_tests": [
...,
{
"title": "Validate Certificate",
"status": "FAILED",
"message": "No trust anchors for this connection",
"details": [
{
"hash": "r+u4QL4MGvZeY+DL15zONWVL...",
"name": "CN=Amazon RDS Root CA, OU=Amazon RDS, O=\"Amazon Web Services, Inc.\", L=Seattle, ST=Washington, C=US",
"public_key": "Sun RSA public key, 2048 bits\n modulus: 2325899...\n public exponent: 65537",
"encoded_cert": "MIID9DCCAtygAwIBAgIBQjANBgkqhkiG9w0BAQUFADCBijELMA...",
"sha1": "e8118856e7a7ce3...",
"sha256": "afebb840be0c1af65e63e0cbd79c..."
}
]
}
],
...
}
}
After you get the failed test message, note the values of hash
and encoded_cert
.
Send a POST request to the Fivetran API certificates endpoint with the hash
and encoded_cert
you just learned.
Approve a connector fingerprintlink
Approves a fingerprint, so Fivetran trusts this fingerprint for a source database, and the connector can connect to the source through an SSH tunnel. The connector setup tests will fail if a non-approved fingerprint is provided.
Requestlink
POST https://api.fivetran.com/v1/fingerprints
{
"connector_id": "projected_sickle",
"hash": "eUtPirI6yy...",
"public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6 ... fivetran user key"
}
Payload parameters
Name | Description |
---|---|
connector_id (required) |
The unique identifier for the connector. |
hash (required) |
Hash of the fingerprint. See how to get hash value in the Get connector fingerprint details section. |
public_key (required) |
The SSH public key. See how to get public_key value in the Get connector fingerprint details section. |
Responselink
HTTP 200 Success
{
"code": "Success",
"message": "The fingerprint has been approved"
}
Get connector fingerprint detailslink
To get the fingerprint details, retain the default when you create a database connector with the Fivetran REST API.
NOTE: Do not set
"trust_fingerprints": true
when you create a database connector with API.
The setup test verifying the fingerprint will fail with a message that includes the hash
and public_key
parameters you need:
{
"code": "Success",
"message": "Connector has been created",
"data": {
...,
"setup_tests": [
{
"title": "SSH Tunnel Connection",
"status": "FAILED",
"message": "The ssh key might have changed",
"details": {
"hash": "eUtPirI6yy...",
"public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6 ... fivetran user key",
"type": "ssh-rsa",
"name": "fivetran user key"
}
}
],
...
}
}
After you get the failed test message, note the values of hash
and public_key
.
Send a POST request to the Fivetran API fingerprints endpoint with the hash
and public_key
you just learned.
Approve a destination certificatelink
Approves a certificate for a destination, so Fivetran trusts this certificate for a destination database. The destination setup tests will fail if a non-approved certificate is provided.
NOTE: This is only required for destinations based on the following databases:
Requestlink
POST https://api.fivetran.com/v1/certificates
{
"destination_id": "ambitious_rock",
"hash": "r+u4QL4MGvZe...",
"encoded_cert": "MIID9DCCAtygAwIBAgIBQjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxGzAZBgNVBAMMEkFtYXpvbiBSRF..."
}
Payload parameters
Name | Description |
---|---|
destination_id (required) |
The unique identifier for the destination. |
hash (required) |
Hash of the certificate. See how to get hash value in the Get destination certificate details section. |
encoded_cert (required) |
The certificate encoded in base64. See how to get encoded_cert value in the Get destination certificate details section. |
Responselink
HTTP 200 Success
{
"code": "Success",
"message": "The certificate has been approved"
}
Get destination certificate detailslink
To get the certificate details, retain the default when you create a destination with the Fivetran REST API.
NOTE: Do not set
"trust_certficates": true
when you create a destination with API.
The setup test verifying the certificate will fail with a message that includes the hash
and encoded_cert
parameters you need:
{
"code": "Success",
"message": "Destination has been created",
"data": {
...,
"setup_tests": [
...,
{
"title": "Validate Certificate",
"status": "FAILED",
"message": "No trust anchors for this connection",
"details": [
{
"hash": "r+u4QL4MGvZeY+DL15zONWVL...",
"name": "CN=Amazon RDS Root CA, OU=Amazon RDS, O=\"Amazon Web Services, Inc.\", L=Seattle, ST=Washington, C=US",
"public_key": "Sun RSA public key, 2048 bits\n modulus: 2325899...\n public exponent: 65537",
"encoded_cert": "MIID9DCCAtygAwIBAgIBQjANBgkqhkiG9w0BAQUFADCBijELMA...",
"sha1": "e8118856e7a7ce3...",
"sha256": "afebb840be0c1af65e63e0cbd79c..."
}
]
}
],
...
}
}
After you get the failed test message, note the values of hash
and encoded_cert
.
Send a POST request to the Fivetran API certificates endpoint with the hash
and encoded_cert
you just learned.
Approve a destination fingerprintlink
Approves a fingerprint, so Fivetran trusts this fingerprint for a destination database, and connectors can connect to the destination through an SSH tunnel. The destination setup tests will fail if a non-approved fingerprint is provided.
Requestlink
POST https://api.fivetran.com/v1/fingerprints
{
"destination_id": "ambitious_rock",
"hash": "eUtPirI6yy...",
"public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6 ... fivetran user key"
}
Payload parameters
Name | Description |
---|---|
destination_id (required) |
The unique identifier for the destination. |
hash (required) |
Hash of the fingerprint. See how to get hash value in the Get destination fingerprint details section. |
public_key (required) |
The SSH public key. See how to get public_key value in the Get destination fingerprint details section. |
Responselink
HTTP 200 Success
{
"code": "Success",
"message": "The fingerprint has been approved"
}
Get destination fingerprint detailslink
To get the fingerprint details, retain the default when you create a destination with the Fivetran REST API.
NOTE: Do not set
"trust_fingerprints": true
when you create a destination with API.
The setup test verifying the fingerprint will fail with a message that includes the hash
and public_key
parameters you need:
{
"code": "Success",
"message": "Destination has been created",
"data": {
...,
"setup_tests": [
{
"title": "SSH Tunnel Connection",
"status": "FAILED",
"message": "The ssh key might have changed",
"details": {
"hash": "eUtPirI6yy...",
"public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6 ... fivetran user key",
"type": "ssh-rsa",
"name": "fivetran user key"
}
}
],
...
}
}
After you get the failed test message, note the values of hash
and public_key
.
Send a POST request to the Fivetran API fingerprints endpoint with the hash
and public_key
you just learned.