Connected Accounts

Securely integrate and automate third-party apps and services

Connected accounts provide authentication, secure storage, and reuse of user credentials at third-party service providers. Various forms of authentication are supported: OAuth, API keys, tokens, HTTP Basic, user/password, etc.

The owner of a connected account determines how it’s shared. For instance, a corporate Twitter account could be shared by an entire team, while a worker’s private Salesforce account could be accessed by only them and their bots.

Plugins can implement new service providers. Cerb currently has plugins for:

Bots can use connected accounts to cryptographically sign (or otherwise authenticate) arbitrary HTTP requests. This opens up entire service provider APIs1 to bots, rather than only offering a few hand-picked actions.

We recommend creating a bot for each service (e.g. Facebook Bot) to act as a delegate. That way the credentials and API interaction for a particular service are handled in a single place, and any number of other bots can use ‘Run behavior’ or ‘Schedule behavior’ actions against the bot delegate to interface with those services in a secure and reusable way.

References