Skip to main content
Feedback

Solace PubSub+ – Partner connection

The Solace PubSub+ - Partner connection specifies how to connect to a PubSub+ event broker.  The connection can be reused for multiple connection operations that utilize the same broker.

Connection tab

If using a Solace Cloud broker, the connection properties can be found by:

  1. Navigating to the Cluster Manager in the PubSub+ Platform.
  2. Selecting a event broker service.
  3. Clicking the Connect tab.
  4. Expanding the Solace Messaging section.

Host - The host address to the PubSub+ event broker.  If there are multiple hosts to provide high availability, this field can be a comma-separated protocol://host:port list. For instance, tcp://primaryHost:primaryPort,tcp://backupHost:backupPort

Message VPN Name - The name of the Message VPN. (For larger enterprises, Message VPNs separate a single event broker into multiple logical parts.)

Client Username - A username that is authorized to connect to the broker.

Password - The password associated with the provided client username.

Custom Properties - Any additional properties that need to be set for the connection. Available properties can be found in the Reference Guide. Note that Client channel is the only supported complex property. Use "client_channel" as the key and a JSON formatted string as the value. For instance, { “connectRetries”: 3, “reconnectRetries”: 2 }.

API Token - An Event Portal token with read permissions. Boomi uses this token to import event-driven architecture artifacts like schemas and topic strings from the Event Portal, accelerating development and applying best practices.

API Version - To select a specific version of the Event Portal API used for the imports. PubSub+ Event Portal 2.0 is selected by default. The steps to generate the API Token for either of the versions remains the same. More about PubSub+ Event Portal versions can be found here.

To get an Event Portal V1/V2 token:

  1. Navigate to Create Token in the PubSub+ Platform.
  2. Name the token "Event Portal Read Access".
  3. Under the Event Portal Permission Set, select the Read toggle.
  4. Click Generate Token at the bottom of the screen.
  5. Copy the Event Portal Token to a secure location. It cannot be recreated.
note

For a list of available JCSMPProperties, see the Solace reference documentation.

Proxy configuration

The connector supports HTTP proxy configuration for both Solace connections and OAuth
operations. Proxy support is disabled by default for backward compatibility reasons and must
be explicitly enabled through runtime container properties:

  • General Solace Connections: Set com.boomi.connector.solace.honor.proxy.settings=true to enable proxy support for Solace broker connections

  • OAuth Operations: Set com.boomi.connector.solace.oauth.honor.proxy.settings=true to enable proxy support for OAuth token requests and refresh operations

Both proxy settings are independent and can be enabled separately based on your requirements. When enabled, the connector will automatically use proxy settings configured at the runtime/runtime cluster level.

OAuth connection

The Solace PubSub+ connector supports OAuth 2.0 authentication through two configuration
methods:

OAuth proxy configuration

The connector supports HTTP proxy configuration for OAuth token requests and refresh operations when using the Custom OAuth 2.0 Configuration (Legacy) method. To enable OAuth proxy support:

  1. Configure your proxy settings at the runtime/runtime cluster level in the Boomi platform.

  2. Set the container property com.boomi.connector.solace.oauth.honor.proxy.settings=true on your runtime.

  3. Use the Custom OAuth 2.0 Configuration method described below (proxy settings do not apply to the Standard OAuth 2.0 Configuration tab).

note

OAuth proxy support is disabled by default for security and backward compatibility and
is independent of the general Solace connection proxy setting. The connector will only honor
proxy settings for OAuth operations when explicitly enabled through the container property
and when using custom OAuth configuration properties.

Use the OAuth 2.0 configuration tab for streamlined authentication setup that follows Boomi Connector SDK standards. This method provides platform-managed token handling and supports the following grant types:

Grant Types: - Client Credentials - Authorization Code

Configuration

  1. Select OAuth 2.0 tab in the connection configuration
  2. Choose the appropriate Grant Type
  3. Configure the required OAuth parameters as prompted by the UI
  4. Set AUTHENTICATION_SCHEME to AUTHENTICATION_SCHEME_OAUTH2 in the Custom Properties section

Token Refresh: The Boomi platform automatically handles the actual OAuth token refresh operations. The connector fetches tokens from the platform at regular intervals, with a default interval of 5 minutes. Custom fetch intervals can be configured using OAUTH2_REFRESH_BUFFER_TIME and OAUTH2_REFRESH_BUFFER_TIMEUNIT properties in the Custom Properties section to control how frequently the connector retrieves updated tokens from the platform.

note

When using the standard OAuth 2.0 configuration tab, the AUTHENTICATION_SCHEME
property must be explicitly set to AUTHENTICATION_SCHEME_OAUTH2 in the Custom Properties
section. The standard OAuth 2.0 tab is used as a fallback when custom OAuth properties
(OAUTH2_REFRESH_TOKEN or OAUTH2_CLIENT_SECRET) are not configured in the Custom
Properties section.

Proxy Configuration: OAuth proxy settings (com.boomi.connector.solace.oauth.honor.proxy.settings) do not apply to this configuration method as token management is handled by the Boomi platform,
which is automatically tuned to handle proxy configuration.

Configuration Priority: The connector uses the following priority when determining OAuth
configuration:

  1. Custom Properties - If OAUTH2_REFRESH_TOKEN or OAUTH2_CLIENT_SECRET are
    configured in Custom Properties, these take precedence

  2. Standard OAuth 2.0 tab - Used as fallback when custom OAuth properties are not configured and AUTHENTICATION_SCHEME is set to AUTHENTICATION_SCHEME_OAUTH2

Custom OAuth 2.0 configuration (Legacy)

For advanced use cases or backward compatibility, you can configure OAuth 2.0 authentication
using custom properties by setting the AUTHENTICATION_SCHEME property as AUTHENTICATION_SCHEME_OAUTH2 in the Custom Properties section.

note

If you need OAuth operations to use proxy settings, you can enable the com.boomi.connector.solace.oauth.honor.proxy.settings container property.

Custom OAuth 2.0 token setup

Access Token: Provides the property OAUTH2_ACCESS_TOKEN with a valid (non-expired) access token.

Token Refresh: RFC 6749 The OAuth 2.0 Authorization Framework, Refreshing an Access Token

If the access token is temporary (that is, it has an expiration date) and you wish to avoid
connection disruptions, provide the following properties in Custom properties in addition to
the access token. This enables the connector to automatically refresh the token, ensuring a
consistent connection:

  • Refresh Token URL as OAUTH2_REFRESH_TOKEN_URL

  • Client ID as OAUTH2_CLIENT_ID

  • Refresh Token as OAUTH2_REFRESH_TOKEN

Disclaimer

Our system does not retain fetched access or refresh tokens due to environmental constraints. In the event of a connector restart, the original user-provided refresh token is used to reestablish the connection. If this token has expired or is invalid, the connector may fail to connect. For a more long-lasting stable connection, consider adopting the Client Credentials strategy outlined below.

Client Credentials Grant: RFC 6749 The OAuth 2.0 Authorization Framework, Client
Credentials Authorization Grant

If you prefer the application to fetch the Access token on your behalf using the client credentials grant, provide the following properties:

  • OAuth Token provider URL as OAUTH2_TOKEN_PROVIDER_URL

  • Client ID as OAUTH2_CLIENT_ID

  • Client Secret as OAUTH2_CLIENT_SECRET (You might choose to select the encrypted option for this sensitive data)

The connector will handle the token retrieval for you, so no need to provide the access token.

Optionally, for additional parameters to the token request, you can provide:

  • Scope as OAUTH2_SCOPE

  • Resource as OAUTH2_RESOURCE

  • Audience as OAUTH2_AUDIENCE

Token refresh buffer

The token is refreshed periodically based on a specified buffer time or percentage relative to
the access token's lifespan. By default, the buffer is set to 30% of the access token's lifetime.

To customize the buffer, you have the following options:

  1. Set a specific buffer time:
  • Time Unit as OAUTH2_REFRESH_BUFFER_TIMEUNIT
  • Absolute Time as OAUTH2_REFRESH_BUFFER_TIME
  1. Define a custom buffer percentage:
  • OAUTH2_REFRESH_BUFFER_PERCENTAGE (for example, set to 0.5 for 50% buffer)

If neither of these options is configured, the default buffer percentage of 30% will be applied.

SSL verification

If you provide the OAuth server URL or Refresh token server URL and wish to disable SSL
verification, set SSL_VALIDATE_CERTIFICATE as false.

On this Page