🏠 Overview 🧩 Components 🧩 Credential Vault

Credential Vault

Component Detail

Infrastructure medium complexity backend
0
Dependencies
1
Dependents
1
Entities
0
Integrations

Description

Stores and retrieves encrypted accounting system credentials on a per-organization basis. Encrypts API keys, client secrets, and OAuth tokens at rest using application-level encryption before persisting to the database. Ensures credentials are never exposed in logs or error messages.

Feature: Accounting System Integration

credential-vault

Responsibilities

  • Encrypt accounting credentials before database storage
  • Decrypt credentials for adapter use at runtime
  • Scope all credential operations to organization context
  • Prevent credential exposure in logs and API responses
  • Support credential rotation without service disruption

Interfaces

storeCredentials(orgId, systemType, credentials)
retrieveCredentials(orgId, systemType)
deleteCredentials(orgId, systemType)
rotateCredentials(orgId, systemType, newCredentials)
hasCredentials(orgId, systemType)

Relationships

Dependents (1)

Components that depend on this component

infrastructure Accounting Adapter

Related Data Entities (1)

Data entities managed by this component

Organization Setting 21 fields configuration