Skip to main content

Configuration Manager API

The Configuration Manager Service provides a centralized way to manage configuration settings across your organization’s services. It securely stores various configuration parameters in a key-value store (ETCD by default) and provides APIs to manage these configurations.

Base URL

All endpoints are prefixed with /api/v1/configurationManager

Authentication

All endpoints require authentication via Bearer token: 
Authorization: Bearer YOUR_TOKEN

Architecture Overview

The Configuration Manager Service is built on a Node.js backend that leverages ETCD (or other compatible key-value stores) for secure configuration storage. The service:
  • Securely encrypts sensitive configuration values using AES-256-GCM algorithm
  • Provides a RESTful API for managing configurations
  • Integrates with other services via event-driven architecture
  • Controls access through authentication and authorization
  • Performs health checks before saving configurations

Key Features

  • Secure Storage: All sensitive configurations are encrypted using AES-256-GCM algorithm
  • Health Checks: Built-in validation of configuration parameters before storage
  • Event Notifications: Publishes events when critical configurations change
  • Centralized Management: Single service to control settings across the system
  • AI Model Management: Advanced provider management for AI models with support for multiple models per provider
  • Connector Integration: Support for various connectors including Google Workspace, Atlassian, OneDrive, and SharePoint

Supported Configurations

The Configuration Manager handles various types of configurations:
  1. Storage Configurations - AWS S3, Azure Blob, or Local storage settings
  2. Authentication Configurations - Azure AD, Google, Microsoft, SSO, and OAuth settings
  3. Database Configurations - MongoDB, ArangoDB, and Qdrant settings
  4. Key-Value Store Configurations - Redis settings
  5. Message Broker Configurations - Kafka settings
  6. SMTP Configurations - Email service settings
  7. AI Models Configurations - Settings for LLM, embedding, OCR, SLM, reasoning, and multiModal models
  8. Connector Configurations - Google Workspace, Atlassian, OneDrive, and SharePoint integrations
  9. Public URL Configurations - Frontend and connector URLs
  10. Metrics Collection Configurations - Settings for metrics gathering

API Endpoints

The Storage Configuration API enables you to configure different storage backends for your application.
Configure the storage service with specific backend details.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/storageConfigRequest Body Parameters:
ParameterTypeRequiredDescription
storageTypestringYesType of storage (“s3”, “azureBlob”, or “local”)
S3 Storage Config:
{
  "storageType": "s3",
  "s3AccessKeyId": "YOUR_ACCESS_KEY_ID",
  "s3SecretAccessKey": "YOUR_SECRET_ACCESS_KEY",
  "s3Region": "us-west-2",
  "s3BucketName": "your-bucket-name"
}
Azure Blob Storage Config (Connection String):
{
  "storageType": "azureBlob",
  "azureBlobConnectionString": "DefaultEndpointsProtocol=https;AccountName=...",
  "containerName": "your-container-name"
}
Azure Blob Storage Config (Individual Parameters):
{
  "storageType": "azureBlob",
  "accountName": "your-account-name",
  "accountKey": "your-account-key",
  "containerName": "your-container-name",
  "endpointProtocol": "https",
  "endpointSuffix": "core.windows.net"
}
Local Storage Config:
{
  "storageType": "local",
  "mountName": "PipesHub",
  "baseUrl": "http://localhost:3000"
}
Retrieve the current storage configuration.
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/storageConfig
Configure email service settings for your application.
Configure SMTP settings for email services.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/smtpConfigRequest Body Parameters:
ParameterTypeRequiredDescription
hoststringYesSMTP server host
portnumberYesSMTP server port
usernamestringNoSMTP username
passwordstringNoSMTP password
fromEmailstringYesDefault sender email
{
  "host": "smtp.example.com",
  "port": 587,
  "username": "your-username",
  "password": "your-password",
  "fromEmail": "no-reply@example.com"
}
Retrieve the current SMTP configuration.
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/smtpConfig
The Authentication Configuration API allows you to manage various authentication providers.
Configure Azure Active Directory authentication.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/authConfig/azureAdRequest Body Parameters:
ParameterTypeRequiredDescription
clientIdstringYesAzure AD client ID
tenantIdstringNoAzure AD tenant ID (defaults to “common”)
{
  "clientId": "your-client-id",
  "tenantId": "your-tenant-id"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/authConfig/azureAd
Configure Microsoft authentication.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/authConfig/microsoftRequest Body Parameters:
ParameterTypeRequiredDescription
clientIdstringYesMicrosoft client ID
tenantIdstringNoMicrosoft tenant ID (defaults to “common”)
{
  "clientId": "your-client-id",
  "tenantId": "your-tenant-id"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/authConfig/microsoft
Configure Google authentication.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/authConfig/googleRequest Body Parameters:
ParameterTypeRequiredDescription
clientIdstringYesGoogle client ID
{
  "clientId": "your-client-id"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/authConfig/google
Configure SAML-based Single Sign-On.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/authConfig/ssoRequest Body Parameters:
ParameterTypeRequiredDescription
entryPointstringYesSSO entry point URL
certificatestringYesSSO certificate
emailKeystringYesKey for email in SSO response
{
  "entryPoint": "https://sso.example.com/saml",
  "certificate": "-----BEGIN CERTIFICATE-----\nMIIC...\n-----END CERTIFICATE-----",
  "emailKey": "email"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/authConfig/sso
Configure custom OAuth authentication.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/authConfig/oauthRequest Body Parameters:
ParameterTypeRequiredDescription
providerNamestringYesOAuth provider name
clientIdstringYesOAuth client ID
clientSecretstringNoOAuth client secret
authorizationUrlstringNoAuthorization URL
tokenEndpointstringNoToken endpoint URL
userInfoEndpointstringNoUser info endpoint URL
scopestringNoOAuth scope
redirectUristringNoRedirect URI
{
  "providerName": "Custom OAuth Provider",
  "clientId": "your-client-id",
  "clientSecret": "your-client-secret",
  "authorizationUrl": "https://provider.com/oauth/authorize",
  "tokenEndpoint": "https://provider.com/oauth/token",
  "userInfoEndpoint": "https://provider.com/oauth/userinfo",
  "scope": "read:user",
  "redirectUri": "https://yourapp.com/callback"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/authConfig/oauth
Configure database connections for your application. All database configurations include automatic health checks before saving.
Configure MongoDB database connection.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/mongoDBConfigRequest Body Parameters:
ParameterTypeRequiredDescription
uristringYesMongoDB connection URI
{
  "uri": "mongodb://username:password@hostname:port/database"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/mongoDBConfig
Configure ArangoDB database connection.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/arangoDBConfigRequest Body Parameters:
ParameterTypeRequiredDescription
urlstringYesArangoDB connection URL
usernamestringNoArangoDB username
passwordstringNoArangoDB password
{
  "url": "http://localhost:8529",
  "username": "root",
  "password": "password"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/arangoDBConfig
Configure Qdrant vector database connection.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/qdrantConfigRequest Body Parameters:
ParameterTypeRequiredDescription
hoststringYesQdrant server host
portnumberYesQdrant HTTP port
grpcPortnumberNoQdrant gRPC port
apiKeystringNoQdrant API key (not required for localhost)
{
  "host": "localhost",
  "port": 6333,
  "grpcPort": 6334,
  "apiKey": "your-api-key"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/qdrantConfig
Configure Redis as a key-value store with automatic health checks.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/redisConfigRequest Body Parameters:
ParameterTypeRequiredDescription
hoststringYesRedis server host
portnumberYesRedis server port
passwordstringNoRedis password
tlsbooleanNoEnable TLS for Redis connection
{
  "host": "redis.example.com",
  "port": 6379,
  "password": "your-password",
  "tls": true
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/redisConfig
Configure Kafka message broker with automatic health checks and broker validation.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/kafkaConfigRequest Body Parameters:
ParameterTypeRequiredDescription
brokersstring[]YesArray of Kafka broker URLs
saslobjectNoSASL authentication details
{
  "brokers": ["kafka-1:9092", "kafka-2:9092"],
  "sasl": {
    "mechanism": "plain",
    "username": "your-username",
    "password": "your-password"
  }
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/kafkaConfig
Configure AI models for various tasks with advanced provider management.
Manage the complete AI models configuration for all model types.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/aiModelsConfigRequest Body Parameters: At least one AI model type must be configured.
{
  "llm": [
    {
      "provider": "openAI",
      "configuration": {
        "model": "gpt-4o,gpt-4o-mini",
        "apiKey": "your-openai-key",
        "organizationId": "your-org-id"
      },
      "isMultimodal": false,
      "isDefault": true
    }
  ],
  "embedding": [
    {
      "provider": "openAI",
      "configuration": {
        "model": "text-embedding-ada-002",
        "apiKey": "your-openai-key"
      },
      "isMultimodal": false,
      "isDefault": true
    }
  ]
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/aiModelsConfig
Advanced management endpoints for AI model providers.
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/ai-models
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/ai-models/{modelType}Path Parameters:
ParameterTypeRequiredDescription
modelTypestringYesOne of: llm, embedding, ocr, slm, reasoning, multiModal
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/ai-models/available/{modelType}Path Parameters:
ParameterTypeRequiredDescription
modelTypestringYesOne of: llm, embedding, ocr, slm, reasoning, multiModal
CRUD operations for individual AI model providers.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/ai-models/providersRequest Body Parameters:
ParameterTypeRequiredDescription
modelTypestringYesOne of: llm, embedding, ocr, slm, reasoning, multiModal
providerstringYesProvider name (e.g., openAI, anthropic, cohere)
configurationobjectYesProvider-specific configuration
isMultimodalbooleanNoWhether model supports multimodal input (default: false)
isDefaultbooleanNoWhether this should be the default model (default: false)
{
  "modelType": "llm",
  "provider": "anthropic",
  "configuration": {
    "model": "claude-3-opus",
    "apiKey": "your-anthropic-key"
  },
  "isMultimodal": true,
  "isDefault": false
}
  • Request
  • Response
Endpoint: PUT /api/v1/configurationManager/ai-models/providers/{modelType}/{modelKey}Path Parameters:
ParameterTypeRequiredDescription
modelTypestringYesOne of: llm, embedding, ocr, slm, reasoning, multiModal
modelKeystringYesUnique key for the model configuration
Request Body Parameters:
ParameterTypeRequiredDescription
providerstringYesProvider name
configurationobjectYesProvider-specific configuration
isMultimodalbooleanNoWhether model supports multimodal input (default: false)
isDefaultbooleanNoWhether this should be the default model (default: false)
{
  "provider": "anthropic",
  "configuration": {
    "model": "claude-3-sonnet",
    "apiKey": "your-updated-anthropic-key"
  },
  "isMultimodal": true,
  "isDefault": true
}
  • Request
  • Response
Endpoint: DELETE /api/v1/configurationManager/ai-models/providers/{modelType}/{modelKey}Path Parameters:
ParameterTypeRequiredDescription
modelTypestringYesOne of: llm, embedding, ocr, slm, reasoning, multiModal
modelKeystringYesUnique key for the model configuration
  • Request
  • Response
Endpoint: PUT /api/v1/configurationManager/ai-models/default/{modelType}/{modelKey}Path Parameters:
ParameterTypeRequiredDescription
modelTypestringYesOne of: llm, embedding, ocr, slm, reasoning, multiModal
modelKeystringYesUnique key for the model configuration
Configure connectors for integrating with external services.
Configure Google Workspace integration settings.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/connectors/googleWorkspaceOauthConfigRequest Body Parameters:
ParameterTypeRequiredDescription
clientIdstringYesGoogle client ID
clientSecretstringYesGoogle client secret
enableRealTimeUpdatesboolean/stringNoEnable real-time updates
topicNamestringNoPub/Sub topic name (required if enableRealTimeUpdates is true)
{
  "clientId": "your-google-client-id",
  "clientSecret": "your-google-client-secret",
  "enableRealTimeUpdates": true,
  "topicName": "gmail-updates"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/connectors/googleWorkspaceOauthConfig
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/connectors/googleWorkspaceCredentialsContent-Type: multipart/form-dataRequest Body Parameters:
ParameterTypeRequiredDescription
googleWorkspaceCredentialsfileNoJSON file with credentials (for business accounts)
userTypestringNo”individual” or “business”
fileChangedbooleanNoWhether the file was changed (for business accounts)
adminEmailstringConditionalRequired for business accounts
enableRealTimeUpdatesboolean/stringNoEnable real-time updates
topicNamestringNoPub/Sub topic name (required if enableRealTimeUpdates is true)
For individual accounts, you can also send credentials directly in the request body:
{
  "access_token": "your-access-token",
  "refresh_token": "your-refresh-token",
  "access_token_expiry_time": 1640995200000,
  "refresh_token_expiry_time": 1672531200000,
  "enableRealTimeUpdates": true,
  "topicName": "gmail-updates"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/connectors/googleWorkspaceCredentials
Configure Atlassian integration.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/connectors/atlassian/configRequest Body Parameters:
ParameterTypeRequiredDescription
clientIdstringYesAtlassian client ID
clientSecretstringYesAtlassian client secret
{
  "clientId": "your-atlassian-client-id",
  "clientSecret": "your-atlassian-client-secret"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/connectors/atlassian/config
Configure Microsoft OneDrive integration.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/connectors/onedrive/configRequest Body Parameters:
ParameterTypeRequiredDescription
clientIdstringYesMicrosoft client ID
clientSecretstringYesMicrosoft client secret
tenantIdstringYesMicrosoft tenant ID
hasAdminConsentbooleanNoWhether admin consent has been granted
{
  "clientId": "your-microsoft-client-id",
  "clientSecret": "your-microsoft-client-secret",
  "tenantId": "your-tenant-id",
  "hasAdminConsent": true
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/connectors/onedrive/config
Configure Microsoft SharePoint integration.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/connectors/sharepoint/configRequest Body Parameters:
ParameterTypeRequiredDescription
clientIdstringYesMicrosoft client ID
clientSecretstringYesMicrosoft client secret
tenantIdstringYesMicrosoft tenant ID
sharepointDomainstringYesSharePoint domain
hasAdminConsentbooleanNoWhether admin consent has been granted
{
  "clientId": "your-microsoft-client-id",
  "clientSecret": "your-microsoft-client-secret",
  "tenantId": "your-tenant-id",
  "sharepointDomain": "yourcompany.sharepoint.com",
  "hasAdminConsent": true
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/connectors/sharepoint/config
Configure public URLs for frontend and connector services.
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/frontendPublicUrlRequest Body Parameters:
ParameterTypeRequiredDescription
urlstringYesPublic URL for frontend service
{
  "url": "https://app.example.com"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/frontendPublicUrl
  • Request
  • Response
Endpoint: POST /api/v1/configurationManager/connectorPublicUrlRequest Body Parameters:
ParameterTypeRequiredDescription
urlstringYesPublic URL for connector service
{
  "url": "https://connectors.example.com"
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/connectorPublicUrl
Configure metrics collection settings for monitoring and analytics.
  • Request
  • Response
Endpoint: PUT /api/v1/configurationManager/metricsCollection/toggleRequest Body Parameters:
ParameterTypeRequiredDescription
enableMetricCollectionbooleanYesEnable or disable metrics collection
{
  "enableMetricCollection": true
}
  • Request
  • Response
Endpoint: GET /api/v1/configurationManager/metricsCollection
  • Request
  • Response
Endpoint: PATCH /api/v1/configurationManager/metricsCollection/pushIntervalRequest Body Parameters:
ParameterTypeRequiredDescription
pushIntervalMsnumberYesPush interval in milliseconds
{
  "pushIntervalMs": 30000
}
  • Request
  • Response
Endpoint: PATCH /api/v1/configurationManager/metricsCollection/serverUrlRequest Body Parameters:
ParameterTypeRequiredDescription
serverUrlstringYesRemote metrics server URL
{
  "serverUrl": "https://metrics.example.com"
}

Encryption and Security

The Configuration Manager Service uses AES-256-GCM encryption to protect sensitive configuration data. Key features include:
  • Secret Key Hashing: The secret key used for encryption is hashed using SHA-256 for added security
  • Per-Configuration Encryption: Each sensitive configuration is individually encrypted
  • Fine-grained Access Control: API endpoints require appropriate authentication and authorization
  • Health Checks: Automatic validation of configurations before storage

Event-Driven Architecture

The Configuration Manager publishes events when critical configurations change:
  • LLM Configured Event: When AI models are configured or updated
  • Connector Public URL Changed Event: When connector URLs are updated
  • Gmail Updates Enabled/Disabled Event: When Gmail real-time updates are toggled
These events allow other services to react to configuration changes without polling.

Health Checks

The service includes built-in health checks for various configurations that are automatically performed before saving:
  • Kafka Health Check: Verifies Kafka broker connectivity and validates broker URLs
  • Redis Health Check: Tests Redis connection with timeout and retry logic
  • Qdrant Health Check: Ensures Qdrant vector database is accessible via HTTP
  • MongoDB Health Check: Validates MongoDB connection using ping command
  • ArangoDB Health Check: Confirms ArangoDB connection and authentication
  • AI Models Health Check: Validates AI model configurations with provider APIs

Schema Definitions

  • Authentication Config Schema
  • Storage Config Schema
  • Database Config Schema
  • AI Models Config Schema
  • Connector Config Schema
  • Other Config Schemas
// Azure AD Config
interface AzureAdConfig {
  clientId: string;
  tenantId: string; // defaults to "common"
  authority: string;
}

// SSO Config
interface SsoConfig {
  entryPoint: string;
  certificate: string; // Certificate content (BEGIN/END markers removed)
  emailKey: string;
}

// Google Auth Config
interface GoogleAuthConfig {
  clientId: string;
}

// Microsoft Auth Config
interface MicrosoftAuthConfig {
  clientId: string;
  tenantId: string; // defaults to "common"
  authority: string;
}

// OAuth Config
interface OAuthConfig {
  providerName: string;
  clientId: string;
  clientSecret?: string;
  authorizationUrl?: string;
  tokenEndpoint?: string;
  userInfoEndpoint?: string;
  scope?: string;
  redirectUri?: string;
}
I