fix(integrations): Add Passportal integration #4942
Conversation
![propel-code-bot[bot]](https://avatars.githubusercontent.com/in/1179004?s=60&v=4){kind=small}
packages/providers/providers.yaml
Outdated
| content: ${credentials.content} | ||
| token_response: | ||
| token: access_token | ||
| token_expiration: data.expiry_time |
There was a problem hiding this comment.
| token_expiration: data.expiry_time | |
| token_expiration: expiry_time |
You can verify this by checking the Access Token Expiration under connection in the Nango dashboard. I would also check if the token refreshes when you manually refresh from nango ui.
There was a problem hiding this comment.
Good catch. token_expiration: expiry_time is indeed correct.
Unfortunately I can't find a control in the Nango UI to manually refresh, but the expiry time does actually show up now.
| example: mycompany.mypasswordapp.com | ||
| format: hostname | ||
| doc_section: '#step-1-find-your-passportal-base-url' | ||
| credentials: |
There was a problem hiding this comment.
Would be nice to a add an example and pattern for both apiKey and hmacToken.
There was a problem hiding this comment.
Good call. I've added these.
| token_expiration: data.expiry_time | ||
| token_expiration_strategy: expireAt | ||
| proxy: | ||
| base_url: https://${connectionConfig.base_url} |
There was a problem hiding this comment.
Does the base_url always have a suffix passportalmsp.com, if so you can just request for the subdomain instead. with prefix: https:// and suffix : passportalmsp.com
There was a problem hiding this comment.
Unfortunately the base_url is not constrained to a single suffix; Passportal's documentation shows a different suffix to our domain's suffix.
| - If your URL is `https://mycompany.passportalmsp.com/dashboard` → Your base URL is `mycompany.passportalmsp.com` | ||
| - If your URL is `https://instance.passportalmsp.com/dashboard` → Your instance is `instance.passportalmsp.com` |
There was a problem hiding this comment.
Log into your Passportal dashboard, check the URL at your browser address bar, If your URL is https://mycompany.passportalmsp.com/dashboard → Your Base URL is mycompany.passportalmsp.com
This will depend on the comment below.
There was a problem hiding this comment.
Nice re-wording. This is indeed consistent with the correct, full-base-URL approach we need to take here. I have adopted the suggestion.
|
|
||
| ### Step 4: Enter your details in the Connect UI | ||
|
|
||
| Once you have your **Instance Name**, **API Access Key ID**, **HMAC Token**, and **Content String**: |
There was a problem hiding this comment.
This doesn’t match the Connect UI form fields. To be determined based on the comment regarding base_url vs. subdomain.
There was a problem hiding this comment.
Thank you. This has been made consistent, including a consistent order between fields in the docs and fields in the connect modal form.
There was a problem hiding this comment.
the logo should have a maximum width or height of 44px and be centered within a 62x62px container.
There was a problem hiding this comment.
If Claude Code is to be believed, the SVG should now meet these requirements.
|
|
||
| 1. Log into your Passportal dashboard. | ||
| 2. In the left pane, go to **Settings** > **API Keys**. | ||
| <img src="/integrations/all/passportal/passportal-settings.png" style={{maxWidth: "450px" }}/> |
There was a problem hiding this comment.
| <img src="/integrations/all/passportal/passportal-settings.png" style={{maxWidth: "450px" }}/> | |
| <img src="/integrations/all/passportal/passportal-settings.png"/> |
same as the rest.
There was a problem hiding this comment.
I've removed the style={{...}} attributes.
There was a problem hiding this comment.
we have a new docs style,take a look at Sellsy (Client Credentials) as an example.
There was a problem hiding this comment.
I have moved to this new style.
Co-authored-by: Hassan_Wari <[email protected]>
| To authenticate with Passportal, you need: | ||
| 1. **Base URL** – Your Passportal instance domain (e.g., `mycompany.passportalmsp.com`). | ||
| 2. **API Access Key ID** – Your Passportal API Access Key ID. | ||
| 3. **HMAC Token** – A pre-generated HMAC-SHA256 hash token (base64 encoded). |
There was a problem hiding this comment.
[Documentation]
Factual inconsistency: Earlier steps create a hexadecimal HMAC hash, but this line says the token is base-64 encoded. Update to the correct encoding.
Context for Agents
[**Documentation**]
Factual inconsistency: Earlier steps create a hexadecimal HMAC hash, but this line says the token is base-64 encoded. Update to the correct encoding.
File: docs/integrations/all/passportal/connect.mdx
Line: 11There was a problem hiding this comment.
We say "hexadecimal" or "hex" now.
|
|
||
| **Important**: The Secret access key is only viewable once in the Create access key dialog. After closing this dialog, it cannot be retrieved again. | ||
|
|
||
| <img src="/integrations/all/passportal/api-keys.png" style={{maxWidth: "450px" }}/> |
There was a problem hiding this comment.
[Documentation]
Broken image path: File added is "passportal-api-keys.png" but the source here points to "api-keys.png". Update the filename or path so the image loads.
Context for Agents
[**Documentation**]
Broken image path: File added is "passportal-api-keys.png" but the source here points to "api-keys.png". Update the filename or path so the image loads.
File: docs/integrations/all/passportal/connect.mdx
Line: 40|
Thanks @hassan254-prog -- I've done my best to address your thoughtful comments. |
2 participants
Add support for N-Able Passportal
This PR adds authentication support for Passportal, a tool for IT teams to manage privileged access securely ("Passportal™ empowers safe, privileged access management across your devices, networks, and applications while helping you create, manage, and automate strong credentials.").
Passportal's API requires a two-step authentication process, in which the user exchanges an HMAC token and some of the HMAC parameters for an access token.
The PR includes the two-step auth provider details, as well as documentation and assets.
Successful authentication
Here's a screen recording showing that authentication succeeds only when parameters are correct.
Connection detail page (blurred raw token response omitted):
Connect documentation
Primary documentation
Add first-class N-Able Passportal integration with two-step HMAC auth
This PR introduces native support for N-Able Passportal vaults. It adds a new provider definition, wires it into the existing two-step authentication framework, and ships the associated documentation and brand assets. The change is purely additive—no existing APIs, schema, or runtime logic are altered—allowing users who manage secrets in Passportal to connect their vaults to the platform without custom scripting.
Key Changes
• Added Passportal provider entry to packages/providers/providers.yaml (defines required Client ID, Secret Key, API Key, Public Key fields)
• Auto-registered provider in the Two-Step Auth engine to enable immediate use across UI, CLI, and API
• Added passportal.svg brand asset and catalogue metadata for marketplace visibility
• Published full documentation set (overview, connection guide, code snippets) and registered it in docs/docs.json
Affected Areas
• providers manifest (packages/providers/providers.yaml)
• Two-Step Auth engine registration
• Documentation tree
• Static assets / integration catalogue
This summary was automatically generated by @propel-code-bot