Initial Configuration

Configuring the xDeTECH VCDx TrustX connection

Before running xDeTECH services for the first time, the connection to TrustX cloud services must be configured. TrustX cloud services are used for authentication and to publish audio processing metrics as shown in the diagram at the top of this document. The TrustX region must be configured.

The relevant properties in the sentinel-vcdx/config/application.properties file are:

trustx.host.replacement=https://%s.%s.trustx.com

trustx.sky.region=oak

where:

• trustx.host.replacement defines the domain of the TrustX services. The %s parts of the string are substituted by VCDx to contain the following values:

  • The first %s is the call scope which does not have to be configured in VCDx. VCDx sets the value depending on the type of TrustX call it has to make.
  • The second %s is the sky region which does have to be configured in VCDx.
  • NOTE: When using VCDx in non-production environment, the trustx part of the domain must be re-configured, for example to trustx-dev for the development environment.

• trustx.sky.region must be set to the region where the TrustX deployment of xDeTECH resides.

Contact support@daon.com for assistance regarding the proper trustx.host.replacement and trustx.sky.region values to use.

Configuring TrustX Service Call Timeouts

Timeouts for calls from the VCDx on-premise deployments to TrustX for licensing and metrics collection are configurable in the sentinel-vcdx/config/application.properties file. The default settings are:

arthr.timeout.connect.millis:10000

arthr.timeout.read.millis:5000

arthr.timeout.write.millis:5000

Configuring the xDeTECH VGSx TrustX Connection

The following properties must be configured:

1. The TrustX tenant ID under which audio metrics will be stored.
2. The service name which identifies the particular service which generated audio metrics.
3. An API key which authenticates and authorizes communications to TrustX services.

These are found in the sentinel-vgsx/config/application.properties file.

sentinel.trustx.tenantId = {skyscraper tenant id}

sentinel.trustx.region=oak

sentinel.vgs.service_name = xDeTECH_VGSx

sentinel.vgs.server_id = 1

sentinel.prem.api.key= {id}.{code}

Where sentinel.trustx.region is the region where the TrustX deployment of xDeTECH resides.

The service name is a concatenation of sentinel.vgs.service_name and sentinel.vgs.server_id, for example xDeTECH_VGSx.

The section below describes how to set up the sentinel.prem.api.key and get its value.

Configuring the TrustX API Key

An API key must be created in the configured tenant using the Daon TrustX Backoffice application or provided to you by support@daon.com.

1. Log in to the web app.
2. From the home page, select API Keys from the options on the left-hand side of the page.
3. Click Generate API Key in the top-right corner of the page.
4. Enter a short Name and Description for the API key.
5. Set Type to Permanent.
6. Set Status to Active.
7. Enter these Permissions:

TNT#{tenantId}#SentinelVCDX:getVoiceCloneReplay* 

TNT#{tenantId}#SentinelVGS:action

TNT#{tenantId}#SentinelVGS:getCallInfo

TNT#{tenantId}#SentinelVGS:endCall

TNT#{tenantId}#SentinelVCDX:sendStatistics*

8. Click Save

Once all data has been entered correctly, the API key will appear at the top of the API Keys list. To retrieve the API key value:

1. Click the Show Details magnifying glass under the Actions column of the API Keys list. The API key properties will be displayed.
2. Click the eye icon to the right of the Secret property and copy the {id}.{code} value.

The sentinel.prem.api.key VGS property must be updated to this API secret value.

Protecting Calls to VGSx with an API Token

By default, the REST interface for the Voice Gateway Services does not require authentication. However, bearer token authentication is supported for all REST endpoints excluding the /ping and /orktrack/command endpoints.

There is a single bearer token supported for all APIs. If configured, then requests to the affected VGSx APIs must contain an Authorization header whose value is Bearer followed by the token itself as shown in the command below:

GET https://{vgsx domain}/tenants/{tenantId}/calls/{callId}

Authorization: Bearer {secret}

where secret is the API token which is set in sentinel-vgsx/config/application.properties as follows:

sentinel.bearer.token=secret

Configuring VGSx to Communicate with VCDx

This section describes how the VCDx endpoints are configured in VGSx.

The VCDx endpoint properties are configured in the sentinel-vgsx/config/application.properties file. The default settings are:

sentinel.service.domain=http://localhost:8099

sentinel.health.domain=http://localhost:8099

sentinel.service.name=${sentinel.vgs.service_name}${sentinel.vgs.server_id}

sentinel.analysis.api.path=/tenants/${sentinel.trustx.tenantId}/audios/${sentinel.service.name}

sentinel.health.api.path=/actuator/health

The sentinel.service.domain is the domain used when calling the VCDx to analyse audio and sentinel.health.domain is the domain used when calling VCDx to check whether the service is running. They will generally be configured to the same value which is the domain of the VCDx deployment with which VGSx will communicate.

Configuring VGSx to VCDx Service Call Timeouts

The calls from the VGSx to the VCDx service to perform health checks and audio analysis each have read, write and connect timeouts that are configurable in sentinel-vgsx/config/application.properties file. The default settings are:

analysis.service.webClient.readTimeoutInSeconds:20

analysis.service.webClient.writeTimeoutInSeconds:20

analysis.service.webClient.connectTimeoutMillis:5000

analysis.service.health.webClient.readTimeoutInSeconds:5

analysis.service.health.webClient.writeTimeoutInSeconds:5

analysis.service.health.webClient.connectTimeoutMillis:5000