Faros authenticates to sources using Connections. Connections can be created when creating a source, or from the Connections page. The page allows you to manage all of your existing connections and see when they were last modified. If a connection is edited, all sources using it to authenticate will pick up the changes. Similarly, if you choose to delete a connection all sources using it will stop pulling data. It is also possible to create different connections for a given scope with different permissions.
To create a new connection, first provide a unique name and source type.
Depending on the source you are connecting, additional fields will appear. Certain sources require a specific set of permissions before Faros can authenticate to them. To find out if certain permissions are required, hover over the help icon next to the API key or token input. For some of these connections, Faros will check if your tokens are correctly scoped. You can skip these checks by toggling the validation functionality off.
Once you have created a connection, all future sources can use it to authenticate.
Faros uses API tokens to periodically pull metadata; define token expiration according to your company policy and automation.
Provide GitHub API token with read permissions: repo, read:org, read:user
Provide GitHub API token with read permissions: repo, read:packages, read:org, read:discussion, read:user, user:email, read:enterprise
GitLab, GitLab CE/EE
Provide GitLab personal access token token with read permissions: read_api
VCS: Provide Bitbucket "App Password" with read permissions: Pull Requests : read, Issues: read, Workspace membership :read, Projects: read, Repositories: read
CICD: Provide Bitbucket "App Password" with read permissions: Pipelines: read, Repositories, read
Provide Buildkite API access token with the following read permissions: Organization Access, Read Organizations, Read Pipelines, Read Builds, GraphQL API Access
Provide valid AWS credentials with the following permissions: codedeploy:ListDeployments, codedeploy:BatchGetDeployments
Provide a docker token with the scope read_api
Provide a Sentry token with scope org:read, project:read.
Jira Cloud, Jira Server/DC
The integration user needs application access to Jira, the 'Browse Users' global permission, and the 'Browse Project' and 'View Development Tools' permissions for each project
Create a Read Only API key by navigating to https://.pagerduty.com/api_keys (instructions)
Integration user should have the roles: sn_incident_read, cmdb_query_builder_read (details on roles)
Create an API key with "Read" and "Configuration access" rights. See the documentation
Create an API key with a user that has an access level with 'View Only' permissions for the following fields on all employees: Basic Info -> First Name, Last Name; Address -> all fields; Contact -> Work Email; Hire Date; Job Information -> Job Title, Reporting to, Department
Create a Conduit API token with either a bot user or a regular user with visibility into the desired projects and repositories.
Create an API key with a user that has 'Browse' permissions for each project. See the documentation
Please reach out to [email protected] with questions.
Updated about 1 month ago