Credential Manager Service - Meander Platform | Generated by Eircodex v4.0

Service Layer high complexity backend

1

Dependencies

1

Dependents

1

Entities

0

Integrations

Description

Handles secure storage and retrieval of API credentials for the external portal using envelope encryption. Encrypts credentials at rest with a data encryption key that is itself encrypted by a master key, preventing credential exposure in database dumps.

Feature: External Portal Integration

credential-manager-service

Responsibilities

Encrypt API credentials using envelope encryption before persistence
Decrypt credentials on demand for authenticated service calls
Rotate encryption keys without downtime
Validate credential shape and required field presence before saving

Interfaces

encryptCredentials(credentials: RawCredentials): Promise<EncryptedCredentials>

decryptCredentials(encrypted: EncryptedCredentials): Promise<RawCredentials>

rotateKey(orgId: string): Promise<void>

validateCredentialShape(credentials: unknown): ValidationResult

Relationships

Dependencies (1)

Components this component depends on

data Portal Integration Config Store

Dependents (1)

Components that depend on this component

service External Portal Service

Related Data Entities (1)

Data entities managed by this component

Organization Setting 21 fields configuration