Steps to adapt to security enhancements of file management system


This guide shows enhancements on Inspectorio’s file management system and guidance on according changes from your side.

The objective of the enhancements is to increase the security of integrated files via APIs by limiting accessible time.

NOTE: These enhancements are coming. The exact timing applied for each account is dependent on agreement.

Enhancements

Overall, there are 3 main enhancements:

1. A new concept of expiration time is applied to integrated files via APIs

Each file’s URL will have its preconfigured expiration time. By default, the expiration time is 1 month; however, it can be updated on Sight platform.

Existing or new integrated files’ URLs retrieved after the update will expired based on the updated configuration.

NOTE: The expired files’ URLs can not be refreshed. To get the active files’ URLs, new API requests should be made, where its response will return active URLs with refreshed expiration time based on the current configuration.

2. A new configuration of integrated files’ expiration time is now available on Sight platform

Expiration setting submenu

Configuration → Expiration Settings

Expiration setting submenu

Click Edit button to update the global expiration setting

Only Account owner or Admin can have an access to the configuration.

Supported values of expiration time: 8 hours/ 24 hours/ 48 hours/ 72 hours/ 7 days/ 1 month (default)/ 3 months/ 6 months

3. The current file domain (https://fms) is replaced by a new one (https://files)

Environments Current file domain (https://fms) New file domain (https://files)
Staging fms-gcp-stg.inspectorio.com files.stg.inspectorio.com
Staging https://storage.googleapis.com/inspectorio-files-upload-staging/ files-stg.inspectorio-platform.com
Staging fms-gcp-staging.inspectorio-platform.com files-stg.inspectorio-platform.com
Pre-production fms-gcp-pre.inspectorio.com files.pre.inspectorio.com
Pre-production fms-gcp-pre.inspectorio-platform.com files-pre.inspectorio-platform.com
Pre-production https://storage.googleapis.com/files-upload-pre/ files-pre.inspectorio-platform.com
Production fms-gcp-prd.inspectorio.com files-prd.inspectorio.com
Production fms-gcp.inspectorio-platform.com files-prd.inspectorio-platform.com
Production https://storage.googleapis.com/inspectorio-files-upload-production/ files-prd.inspectorio-platform.com

Impacted files

Only URLs of integrated files retrieved via following APIs are impacted:

  1. Attachments in Lab test report APIs
  2. Attachments in Attachment APIs
  3. Attachments in Report APIs
  4. Custom file in Purchase order APIs

Guides

To ensure existing integration flows work properly after the change, here are some guides:

1. Full sync all impacted files due to the third change

It’s mandatory to perform a full sync if your system is retrieving the impacted files because we no longer support the following file domains:

fms-gcp-stg.inspectorio.com
fms-gcp-pre.inspectorio.com
fms-gcp-prd.inspectorio.com
fms-gcp-staging.inspectorio-platform.com
fms-gcp-pre.inspectorio-platform.com
fms-gcp.inspectorio-platform.com

To manage the expiration time, there are 2 suggested approaches:

2.1 Manage the integrated files’ expiration time on your system

For your convenience, it’s recommended to manage the expiration time on your own with following steps:

  1. Download integrated files from Inspectorio’s URLs
  2. Upload to your storage
  3. Update relevant configurations accordingly (Optional)

2.2 Sync data directly from Inspectorio’s APIs

To avoid not only the retrieved files’ URLs being expired but also having the most updated expiration time, it’s also recommended to sync data directly from Inspectorio’s APIs instead of using retrieved data in your system.

Frequently Asked Questions

1. Question: What will happen with current URLs stored in my system (whose domain is https://fms)?

Answer: For backward compatibility, they can still be accessible until 10 years; however, we highly recommend you to perform a full sync to increase the file security.

2. Question: Is there any impact on integrated files via File import or File transfer?

Answer: No. Only integrated files via Lab test report APIs, Attachment APIs, Report APIs and Purchase order APIs are impacted.

3. Question: What should I do if file’s URLs expire and I want to refresh it?

Answer: Unfortunately, it’s not possible to refresh the expiration time of the retrieved URL. However, you can make a new API request to get a new URL of the file with refreshed expiration time based on the current configuration.

4. Question: Are URLs of reports (PDF file) on Sight platform and in notification emails expired based on the configuration of expiration time?

Answer: No. The URLs are not impacted

5. Question: Is it possible to edit the expiration time by updating parameter Expires ?

Answer: Unfortunately no. The only way to update the expiration time is via Expiration Settings on Sight platform (Only Account owner or Admin can do it)

6. Question: After the configuration of expiration time is updated on Sight platform, is the expiration time of existing valid URLs updated accordingly?

Answer: No. Only newly integrated files via the mentioned APIs after the update will have the new expiration time.

7. Question: What will happen if I unexpectedly make a new request to get a new URL while already having a valid one?

Answer: In the case, you will have 2 valid URLs of the same file with different expiration time. The existing URL will have shorter expiration time.