Management

This document provides an overview of the concepts of Environments and Systems in the A2A module, explaining their roles in the secure management and consumption of the A2A APIs..

Environments

Environments represent the organizational or infrastructure contexts in which A2A API calls are made. Each environment is uniquely identified in the system and can be configured to meet specific access management and tracking needs.

Importance of environments

• Unique identification: each environment has a unique identifier code, making it easier to track calls made in that context.
• Access management: environments allow API calls to be segmented, enabling specific security and control configurations.
• Centralized visibility: all interactions performed in an environment are recorded and can be audited for compliance purposes.

Elements of environments

• Name: identification of the environment in the system.
• Status: current state of the environment (Enabled or Disabled).

Systems

Systems represent the entities that consume the data provided by A2A APIs. These systems can be applications, servers, or any other technological resources that need to access APIs for integrations or automated operations.

Importance of systems

• Secure data consumption: systems enable the configuration of API consumers, ensuring that only authorized systems have access to the data.
• Customized authentication: each system is linked to an authorization that has its own credentials and authentication methods configured to maximize security.
• Action tracking: activities performed by each system are recorded, enabling detailed audits.

Elements of systems

• Identification: each system has a unique identifier in senhasegura.
• Status: current state of the system (Enabled or Disabled).

Relationship between environments and systems

Environments define where API calls are made, while systems identify who is consuming the data. This separation allows specific and independent configurations for each context, ensuring greater flexibility and security in API management.

Use case

Managing integrations between APIs and critical systems

Primary actor: Mariana (system administrator at a Fintech)

Summary:
Mariana is responsible for managing high-value financial transactions and ensuring that API integrations with internal and external systems are secure and traceable, in compliance with financial regulations such as the GDPR (General Data Protection Regulations) and Central Bank standards.
She uses the A2A module in senhasegura to configure environments and systems, enabling API integration with critical applications. This configuration helps monitor interactions, segment access by environment, and ensure data consumption security.

Basic flow:

1. Creating an environment
   1. Mariana creates an environment called "Production" and configures it as Enabled.
2. Creating a system
   1. Mariana creates a system called "Integration App" and configures it as Active.
3. Linking and testing
   1. Mariana creates an application.
   2. Then, she creates an authorization for the application and links the "Integration App" system and the "Production" environment to the authorization.
   3. Mariana performs tests to verify the API consumption by the system in the configured environment.
4. Auditing and monitoring
   1. Mariana monitors the API call logs, that present errors.

Conclusion

Managing environments and systems in the A2A module of senhasegura allows the segmentation, monitoring, and control of API consumption efficiently and securely. This approach is essential for organizations handling sensitive data, promoting centralized visibility, regulatory compliance, and security in API usage.

Administrators like Mariana can leverage these features to implement robust solutions that ensure reliable management of the organization's technological integrations.