circle-info
Read on newly released AI assisted Insights
flxbl docsarrow-up-right
search
Learn CD Concepts using LabsslackGitHub

Integrations

hashtag
List all integrations

get

List all configured integrations. Returns integration metadata without credentials.

Authentication: Requires Owner role. This endpoint is for administrative purposes to view and manage integrations.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Query parameters
providerstring · enumOptional

Filter by provider: github or jira

Possible values:
Responses
chevron-right
200

List of integrations

No content
get
/sfp/api/integrations
No content

hashtag
Store credentials for external services (Jira, GitHub)

post

Securely store credentials for external integrations. Credentials are encrypted at rest using AES-256.

Authentication: Requires user authentication (Owner or Member role). Application tokens are not permitted for credential creation.

Scope options:

  • Global (isGlobal: true): Credentials available to all projects. Use for shared services like a company-wide Jira.

  • Project-scoped (projects: [...]): Credentials only for specific repositories. Projects must be registered first via POST /projects.

Common setups:

  • Jira: provider: "jira", authType: "basic_auth", credentials: { base_url, username, api_token }

  • GitHub PAT: provider: "github", authType: "pat", credentials: { token }

See full guide: https://docs.flxbl.io/sfp/api-reference/integrations

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body
providerstring · enumRequired

External service to integrate with

Default: githubPossible values:
authTypestring · enumRequired

How to authenticate with the provider:

  • pat for GitHub/Azure DevOps tokens
  • basic_auth for Jira (email + API token)
  • oauth_client_credentials for Jira OAuth 2.0 (client_id + client_secret + cloud_id)
  • service_principal for Azure DevOps (client_id + client_secret + tenant_id)
  • app for GitHub App
  • oauth for OAuth flows
  • api_key for AI providers (Anthropic, OpenAI, Google)
  • bearer for AWS Bedrock
Default: patPossible values:
credentialsobjectRequired

Provider-specific credentials. Examples: - GitHub PAT: { token: "ghp_xxx" } - GitHub App: { appId: "123456", privateKey: "-----BEGIN RSA..." } - Azure DevOps PAT: { organization_url: "https://dev.azure.com/org", token: "xxx" } - Azure DevOps Service Principal: { organization_url: "https://dev.azure.com/org", client_id: "xxx", client_secret: "xxx", tenant_id: "xxx" } - Jira basic_auth: { base_url: "https://company.atlassian.net", username: "email", api_token: "token" } - Jira oauth_client_credentials: { client_id: "...", client_secret: "...", cloud_id: "..." } - AI Anthropic: { api_key: "sk-ant-..." } - AI OpenAI: { api_key: "sk-..." } - AI Google: { api_key: "..." } - AI GitHub Copilot: { token: "ghu_..." } - AI Amazon Bedrock: { bearer_token: "...", region: "us-east-1" }

Example: {"token":"ghp_xxxx"}
projectsstring[]Optional

Repository identifiers to scope this integration to. Get these from GET /projects or register via POST /projects. Required if isGlobal is false.

Example: ["flxbl-io/sf-core","acme-corp/salesforce-main"]
isGlobalbooleanOptional

Set true to make credentials available to ALL projects. Use for shared services like a company-wide Jira instance. Either isGlobal or projects must be specified.

Example: true
isDefaultbooleanOptional

Mark as the system default for this provider category. Only global integrations can be default. AI providers are grouped — setting one AI provider as default unsets any other AI default.

Default: false
configobjectOptional

Provider-specific configuration options

Responses
post
/sfp/api/integrations
No content

hashtag
List default integrations

get

List all integrations marked as system defaults. One default per provider category (AI providers are grouped — only one default across all AI providers). Default integrations are used as fallback when a project has no project-specific integration.

Authentication: Requires Owner role.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Responses
chevron-right
200

List of default integrations

No content
get
/sfp/api/integrations/defaults
No content

hashtag
Retrieve stored credentials

get

Fetch decrypted credentials for integrations. Returns credentials matching the filter criteria. All access is logged for audit purposes.

Authentication: Accepts both user authentication and application tokens. Machine access is logged as app:<token_id> for audit trail.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Query parameters
providerstring · enumOptional

Filter by service: github or jira

Possible values:
projectstringOptional

Filter by registered project identifier (e.g., flxbl-io/sf-core). List projects via GET /projects.

Responses
chevron-right
200

Credentials retrieved successfully

No content
get
/sfp/api/integrations/credentials
No content

hashtag
Delete an integration

delete

Permanently delete an integration and its encrypted credentials.

Authentication: Requires Owner role. This action cannot be undone.

Effects:

  • Removes the integration configuration

  • Deletes encrypted credentials from secure storage

  • Removes integration reference from associated projects

  • Logs deletion in audit trail

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Integration ID (UUID)

Responses
delete
/sfp/api/integrations/{id}
No content

hashtag
Check health of platform integrations for registered projects

get

Verifies that the source control platform (GitHub or Azure DevOps) is reachable and that credentials are valid for each registered project.

hashtag
How it works

Each project registered via POST /projects declares a platform field (github or azure-devops). This endpoint resolves the credentials for each project's platform and makes a lightweight API call to confirm access.

hashtag
Credential resolution

Platform
What is checked

GitHub

Uses the GitHub App credentials (user-configured integration first, falls back to built-in App from server environment). Calls GET /repos/{owner}/{repo} to confirm repository access.

Azure DevOps

Uses the Service Principal credentials from the configured integration. Calls GET /_apis/connectiondata to confirm API connectivity.

hashtag
Modes

Parameter
Behavior

No project

Lists all registered projects and checks each one. Useful for a full integration health overview.

project=flxbl-io/sf-core

Checks only the specified project. Useful for verifying a single onboarding.

hashtag
Response statuses

Overall status
Meaning

healthy

All projects have working platform integrations

degraded

Some projects are healthy, others are not

unhealthy

No project has a working platform integration

hashtag
Common failure causes

  • GitHub: App not installed on the organization, or repository is private and not accessible to the App

  • Azure DevOps: Service Principal not registered via POST /integrations, invalid client credentials, or organization URL is wrong

hashtag
Authentication

Requires any authenticated role (Owner, Member, or Application token).

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Query parameters
projectstringOptional

Project identifier to check (e.g., flxbl-io/sf-core for GitHub, org/project/repo for Azure DevOps). Omit to check all registered projects.

Example: flxbl-io/sf-core
Responses
chevron-right
200

Platform health check results

application/json
statusstring · enumRequired

Overall health across all checked projects:

  • healthy — every project's platform integration is reachable
  • degraded — at least one project is healthy but others are unhealthy or not configured
  • unhealthy — no project has a healthy platform integration
Example: healthyPossible values:
timestampstringRequired

ISO 8601 timestamp of when the health check was performed

Example: 2026-02-20T08:35:53.050Z
get
/sfp/api/integrations/platforms/health

Last updated