SeeClickFix Connect integrations are implemented over secure HTTPSHypertext Transfer Protocol Secure connections (SSLSecure Sockets Layer/TSLTransport Layer Security 1.2+) originating from our backend integration servers. There are two general types of integrations:
- Remote system managed by the vendor in the cloud
- Remote system managed by the customer in a private network (i.e., on-premise systems)
For both scenarios, the SeeClickFix configuration will require hostnames that resolve to the publicly routable IP address of the remote system(s). For vendor-managed systems, the vendor will provide the hostname details as well as SSL certificate configuration for the HTTPS connections. For customer-managed systems, the city will need to configure a public hostname and manage the SSL certificate for the remote system.
SeeClickFix supports a variety of authentication mechanisms for these connections including:
- APIApplication Programming Interface keys
- OAuth2Open Authorization Tokens
- Basic Authentication
Authentication configuration is part of the onboarding and configuration process.
In addition to the HTTPS connections and authentication, CivicPlus strongly recommend that remote systems located on customer networks be protected by a firewall that is configured to permit our integration servers to connect to the remote system(s) on the customer network. The IP addresses of our integration servers are provided during the implementation phase. This address list is stable but, with sufficient advance notice, CivicPlus may change the list as part of our regular infrastructure maintenance. The customer is responsible for all configurations needed to facilitate the SeeClickFix integration connection, including domain configuration, server externalization, and firewall whitelisting.
Below is a high-level diagram of an installation with a customer-managed network:
Comments
Let us know what was helpful or not helpful about the article.0 comments
Please sign in to leave a comment.