Create an integration to request, view, and approve access via Backstage
The Apono Backstage integration allows you to simply configure Apono as a custom plugin in your Backstage app. This plugin brings Apono's Just-in-Time (JIT) access management to the forward, making it easily accessible to developers within Backstage. With this integration, you can now effortlessly connect your Backstage app to Apono and manage access directly from the Backstage interface.
Generate RSA Private & Public Keys using OpenSSL using the following commands:
Copy both public & private keys encoded as base64 to use later.
Apono uses OpenSSL keys to ensure secure communication between your Backstage app and the Apono API. By using OpenSSL keys, you can securely interact with the Apono API, ensuring that your data remains protected and your identity is verified.
Go to Integrations, under Environment from the left navigator.
Under Integrations, click the Catalog tab and select Backstage under Communication category.
In Backstage integration page, provide the following information about your Backstage environment:
Under Secret Store paste your Public Key encoded as base64.
Click connect.
The following steps assume that you have created a Backstage app and want to add an existing plugin to it. For more information on Apono plugin for Backstage frontend and backend app.
To create a new Apono frontend plugin, make sure you've run yarn install
and installed dependencies, then run the following on your command line from the root of your project.
Note the plugin is added to the app
package, rather than the root package.json
. Backstage Apps are set up as monorepos with Yarn workspaces. Since CircleCI is a frontend UI plugin, it goes in app
rather than backend
.
Update router for the AponoPage
inside packages/app/src/App.tsx
:
To allow the Apono plugin to load its content in an iframe, you need to add the Apono client URL to your Backstage's Content Security Policy. Add the following to your app-config.yaml
file:
To attach and run the Apono plugin, you will make some modifications to your backend.
Add Apono plugin to your backend system packages as dependencies. Run the following command:
Update packages/backend/src/index.ts
with the following:
Configure Backstage app-config.yaml
to connect to the Apono API with the following:
(Example) Add Apono plugin to Backstage sidebar. Update Backstage sidebar in packages/app/src/components/Root/Root.tsx
with the following:
The following error occurs when you try to enter Apono app on your Backstage app: Request failed with status code 401 / Failed to load application
This issue might occur when you accidentally delete your Apono Backstage integration.
To resolve this issue, recreate the Backstage integration in your Apono account with the Public Key defined in your Backstage app.
To find your public key, go to app-config.yam
on your Backstage app repo and look for:
Variable | Value | Required |
---|---|---|
Integration Name
The integration name.
Yes