Accounting Credentials Vault
Component Detail
Infrastructure
medium complexity
backend
0
Dependencies
0
Dependents
0
Entities
0
Integrations
Description
Manages encrypted storage and retrieval of per-organization accounting API credentials and endpoint configuration. Credentials are encrypted at rest using organization-scoped keys and are never exposed in logs or API responses. Used exclusively by the Accounting API Connector at dispatch time.
accounting-credentials-vault
Responsibilities
- Encrypt and store per-organization accounting credentials and endpoint URLs at rest
- Retrieve and decrypt credentials for a given organization at dispatch time only
- Enforce that credentials are never written to logs or returned in API responses
- Support credential rotation without requiring a connector restart
Interfaces
storeCredentials(orgId: string, creds: ConnectorCredentials): Promise<void>
retrieveCredentials(orgId: string): Promise<ConnectorCredentials>
rotateCredentials(orgId: string, newCreds: ConnectorCredentials): Promise<void>
deleteCredentials(orgId: string): Promise<void>