DCKAP Integrator
Getting StartedIntegrator StatusRoadmapRelease Notes
  • Overview
    • Enterprise Integration Platform
    • What is DCKAP Integrator?
    • Integrator Architecture
    • Integrator Security
  • GETTING STARTED
    • Quick Start Guide
    • New User Registration
      • Available Plans
    • Integrator Dashboard
    • Analytics
  • User Guide
    • The Basics
    • Account Management
      • User Groups
      • Account Settings
      • Two-Factor Authentication
    • Projects
      • Add New Project
      • Managing Projects
      • Transfer Project Ownership
    • API Access Keys
    • Project Invitations
    • Help and Support
      • Raise a Ticket
      • Visibility and Collaborators
      • Help and Support - A Quick Overview
    • Exchange
  • PROJECT MANAGER
    • Integrations
      • Add New Pipe
      • Flows and Handlers
      • Mapping and Modifiers
      • Advanced Modifiers
      • Advanced Scheduler
    • Workflows
      • Flow Builder
      • Snippets
      • Actions
        • API Call
        • Console
        • Decision
        • Loop
        • Detail Logger
        • Error Logger
        • Code Runner
        • Formatter
        • Notification
        • Snippet
        • Return
        • Sleep
      • Mock Data
      • FAQs
    • Systems
      • Credentials
      • API Manager
        • API Components
        • Test API
      • Private Systems
      • Authentication Types
        • OAuth 2.0
    • Logs
    • Project Settings
    • Project Analytics
    • Advanced
      • Flows
    • Project Documents
  • TECHNICAL GUIDE
    • Flows & Handlers
      • Add New Flow
      • Simulator
      • Flows: Best Practices
      • Flows: Use Cases
      • Timezone Converter Handler
      • Supported Timezones
    • API and Mapping
  • Tutorials
    • Create a new Integration Pipe
    • Create a new Flow
    • How to Map data?
    • Working with Modifiers
    • Managing User Groups
    • How to use DCKAP Integrator Dynamic URL's?
  • API Documentation
    • Quick Start
    • Projects API
    • Credentials API
    • Templates API
    • Posting and Reading XML data via DCKAP Integrator
    • Commonly used APIs
  • Others
    • Product Roadmap
    • Release Notes
      • 4.4.0 April 29, 2025
      • 4.3.0 February 25, 2025
      • 4.2.0 December 19, 2024
      • 4.0.0 August 29, 2024
      • 3.4.8 May 27, 2024
      • 3.4.7 March 14, 2024
      • 3.4.6 January 4, 2024
      • 3.4.5 October 18, 2023
      • 3.4.4 May 16, 2023
      • 3.4.3 March 1, 2023
      • 3.4.2 December 20, 2022
      • 3.4.1 October 4, 2022
      • 3.4.0 August 10, 2022
      • 3.3.6 July 20, 2022
      • 3.3.5a June 23, 2022
      • 3.3.5 May 26, 2022
      • 3.3.4 March 31, 2022
      • 3.3.3 Feb 4, 2022
      • 3.3.2 November 24, 2021
      • 3.3.1 October 22, 2021
      • 3.3.0 August 28, 2021
      • 3.2.7 June 18, 2021
      • 3.2.6 May 11, 2021
      • 3.2.3 and 3.2.4 March 8, 2021
      • 3.2.2 Dec 24, 2020
      • 3.2.1 Nov 12, 2020
      • 3.2.0 - October 7, 2020
      • 3.1.10 - September 16, 2020
      • 3.1.9 - September 3, 2020
      • 3.1.8 - August 15, 2020
      • 3.1.7 - July 19, 2020
      • 3.1.6 - June 21, 2020
      • 3.1.5 - May 15, 2020
      • 3.1.4 - April 27, 2020
      • 3.1.3.0 - April 20, 2020
      • 3.1.3 - April 8, 2020
      • 3.1.2 - March 26, 2020
      • 3.1.1 - March 13, 2020
      • 3.1.0 - March 10, 2020
Powered by GitBook
On this page
  • DCKAP Integrator Security Protocols
  • Data Security
  • 1. Cloud Data Encryption
  • 2. Session Data
  • 3. Logs and Failure Records Reprocessing
  • Application Security
  • 1. Account Passwords
  • 2. Project Access
  • 3. Other Systems
  • 4. Service Consumers (Dynamic Calls)
  • Network Security

Was this helpful?

  1. Overview

Integrator Security

PreviousIntegrator ArchitectureNextQuick Start Guide

Last updated 1 day ago

Was this helpful?

DCKAP Integrator aims at protecting and encrypting the wealth of data that flows through it, for the entire integration lifecycle. As a middleware, DCKAP Integrator only acts as an interface to transfer data between systems and does not store a copy of the data.

Without compromising the speed of data transfer or the scalability of connecting multiple systems, DCKAP Integrator safeguards every byte of valuable and sensitive information that it processes.

By providing Access Control, DCKAP Integrator enables data authentication and authorization and further assures securing of critical information which is otherwise vulnerable to security breaches.

DCKAP Integrator Security Protocols

Data Security

By default, DCKAP Integrator saves only the entity ID (for logs and failure record reprocessing) and the data logged in flows. DCKAP Integrator does not store any other data transferred between systems.

All our files and data are stored in Amazon Web Services (AWS) Cloud. The following is a partial list of assurance programs with which AWS complies:

  • SOC 1/ISAE 3402, SOC 2, SOC 3

  • FISMA, DIACAP, and FedRAMP

  • PCI DSS Level 1

  • ISO 9001, ISO 27001, ISO 27017, ISO 27018

1. Cloud Data Encryption

User Credentials

All the credentials provided by the users are encrypted using AES-128 Cipher and stored in the cloud.

Console Logs

As stated earlier, DCKAP Integrator does not store the actual data transferred between systems. However, developers often need to see or understand the data which is flowing through DCKAP Integrator. To improve debugging techniques, we log console information of any given pipe only when it is enabled by the user in their respective account.

While moving to production, the user can disable the console logs and the saved console logs can be deleted at any point in time.

The configured console logs of the respective integration pipes are stored in the cloud(AWS S3 Bucket). The download link for the files will be created with secure keys and it will expire in 5 minutes.

2. Session Data

All the session information is stored on the server.

3. Logs and Failure Records Reprocessing

DCKAP Integrator saves the meta information like entity ID of failed records(to rerun the synchronization), execution time, number of records processed, number of records failed, status and so on.

All the logs data are automatically deleted at a regular interval(based on the user plan) and also the user has the ability to delete the data manually.

Application Security

1. Account Passwords

All user authentication is securely managed through AWS Cognito, our identity provider, ensuring robust access control, encrypted communication, and compliance with industry-standard security practices.

2. Project Access

The project owner can provide/revoke the project access to any user or user group at any point in time. The project owner has complete control over the user management for the project.

The project access level provided can vary from user to user based on the following two options:

  • Administrator - This access level has all the provisions similar to the Project Owner except the ability to delete or transfer the project.

  • Standard User - This access level doesn’t have access to delete or transfer or provide project access to other users. They are also not allowed to modify the project configuration.

The Project Owner has the ability to switch the above privileges for any user anytime.

Without access provided by the project owner or Administrators, no other user can access the project information. User Access Privilege is ensured in all the pages.

3. Other Systems

DCKAP Integrator can establish communication with different systems (such as ERP, CRM, eCommerce, etc.) based on the flows configured to the pipe.

4. Service Consumers (Dynamic Calls)

All the requests are processed by AWS Lambda serverless compute service.

Network Security

AWS Security Group Implemented

  • AWS Security Group Implemented

    • control inbound and outbound traffic

    • provides security at the protocol and port access level

  • SSL/TLS 1.2 Implemented

    • Encrypts information that is sent over the internet and provides identity assurance

  • All of the AWS APIs are available via SSL-protected endpoints which provide server authentication.

  • Port scans of Amazon EC2 instances are generally ineffective because, by default, all inbound ports on Amazon EC2 instances are closed and are only opened by the DCKAP Integrator Infrastructure Manager.

  • Connections to Databases are highly secured and are allowed only from certain whitelisted IPs.

To learn more about AWS Security and Compliance, .

Some authentication mechanisms include , , , , and so on. They vary from system to system.

Service Consumers can communicate with the application only if it is authorized. DCKAP Integrator supports authentication mechanisms like and access tokens for authenticating external requests.

click here
OAuth1(RFC 5849)
OAuth2(RFC 6749)
Basic Authentication(RFC 7617)
Bearer Token(RFC 6750)
NTLM Authentication
Json Web Tokens(JWT, RFC 7519)