External services configuration

Configuration table
Authentication types
Keystore file

Configuration table

Configure external services in the Administration > Integration > External services > Configuration table. Enter the following properties:

Property	Definition
Identifier	Unique identifier of the service configuration.
URL	Specifies the base URL of the server to be called. Use HTTPS to encrypt the communication between the client and the server. The URL has the following format: `http[s]://<host>[:<port>]/{path}{?<queryParameters>}` Where: `host` and `port`: define the server address where the API resides. `path`: the path of the specific resource within the API. `queryParameters`: optional parameters used to filter or refine the resource.
Usage type	Defines the usage type of the external service: Assistant AI and/or the REST service.
Authentication type	Defines the user authentication when making API requests. Use the following types to access the API and its resources: basic, custom, EBX and none.

Authentication types

Authentication ensures that only authorized users can access the service and its resources. The following authentication types are supported:

Type	Description
Basic	A simple and fast method of HTTP authentication that requires a valid username and password. Credentials are encoded in base 64 and included in the HTTP request header. Passwords are securely stored in the EBX® repository with strong encryption with strong encryption. For details see Keystore file.
EBX	Enables access to the EBX Built-in RESTful service. A valid username and password must be provided. Passwords are securely stored in the EBX® with strong encryption. For details see Keystore file..
Custom	Enables custom authentication such as API keys, tokens, or OAuth by providing valid key names and key values. The values of the keys can be secret or not. All the keys, secret or not, must have a different name otherwise a validation error is displayed. Secret keys are securely stored in the EBX® repository with strong encryption. For details see Keystore file.
None	No authentication is needed.

Keystore file

Introduction

EBX® uses a keystore file to store secret keys used for encrypting or signing data. The location of this file and related details are specified by a keystore sensitive property file.

Keystore sensitive property file

Sensitive properties specify the location of the keystore file and other related information, such as the secret key aliases and passwords.

Store sensitive properties in a property file that is separate from the ebx.properties file. By default, this file is named ebx-keystore-sensitive.properties and is stored in the same directory as the EBX® repository. You can change the location by setting property ebx.keystore.sensitive.properties.path in file ebx.properties.

This property file has the following format:

## This file contains sensitive properties of the EBX application keystore.
## Access to this file should be restricted to the operating system user that is running EBX.
##
## The keystore type.
ebx.keystore.type=PKCS12
##
## The keystore path.
## If relative, it's absolute path is resolved against this file's folder.
## This property should be removed if the keystore type is not file based.
ebx.keystore.path=ebx-keystore.p12
##
## The keystore password.
ebx.keystore.password.obf=XjJZFfsUXfrzq66GJxfBIa/ulHdPqaeC6/MMMHLyA11XvQZ6/rFqVbmjDZgDL5GPRcDc1+OQQpw6Fg==
##
## The alias of the secret key used to encrypt password type values.
ebx.keystore.key.passwordType.alias=ebx.passwordType
##
## The password of the secret key used to encrypt password type values.
## For PKCS12 keystores, should be the same as the keystore password.
ebx.keystore.key.passwordType.password.obf=XjJZFfsUXfrzq66GJxfBIa/ulHdPqaeC6/MMMHLyA11XvQZ6/rFqVbmjDZgDL5GPRcDc1+OQQpw6Fg==
##
## The alias of the secret key used to sign web tokens.
ebx.keystore.key.webToken.alias=ebx.webToken
##
## The password of the secret key used to sign web tokens.
## For PKCS12 keystores, should be the same as the keystore password.
ebx.keystore.key.webToken.password.obf=XjJZFfsUXfrzq66GJxfBIa/ulHdPqaeC6/MMMHLyA11XvQZ6/rFqVbmjDZgDL5GPRcDc1+OQQpw6Fg==

Automatic installation

On first startup, EBX® creates the ebx-keystore.p12 and ebx-keystore-sensitive.properties files in the EBX® repository folder. The secret keys are automatically generated and specific to an installation.

Staging

By default, EBX® staging servers have different secret keys. Data encrypted by one staging server cannot be decrypted by another. To avoid this issue and align keys across all EBX® staging servers:

copy the same keystore file (by default ebx-keystore.p12), and
copy the keystore sensitive property file (by default ebx-keystore-sensitive.properties) to all EBX® staging server installations.

Documentation > Administration Guide > Technical administration

TIBCO EBX® Version 6.2.2. Copyright © 2001-2025. Cloud Software Group, Inc. All rights reserved.

All third party product and company names and third party marks mentioned in this document are the property of their respective owners and are mentioned for identification.