- Getting Started
- Data Sources
- Data Sources Overview
- Universal Connectors
- Connectors A-E
- A-Cube
- Act-On
- ActiveCampaign
- Acuity Scheduling
- Admixer TradeDesk
- AdTraction
- AFAS
- Agyle Time
- Aircall
- AlloyDB as a Source
- Amazon Ads
- Amazon S3 as a Source
- Amazon Selling Partner
- App Store Connect
- Appfigures
- AppsFlyer
- Aptiv.io
- AroFlo
- Asana
- Ascora
- Autopilot
- Batch
- Bet365
- Bitly
- Brandwatch
- Brex
- Buk
- Bukalapak
- Call Tracking Metrics
- Captivate
- CATS
- Classy
- ClickMeeting
- CloudTalk
- Coosto
- Copernica
- CRA IoT Cloud
- Customer.io
- Dataddo
- Determ
- Digistore24
- Discourse
- Emplifi
- eTrusted
- Eventbrite
- Everflow
- Exact Online
- Connectors F-J
- Facebook Ads
- Facebook Ads Fields References
- Facebook Graph
- Facebook Leads
- Facebook Page Insights
- Facebook Posts
- Facebook Video
- Float
- Freshdesk
- Freshworks CRM
- GitHub
- Google Ad Manager
- Google Ads
- Google Ads Reference Fields
- Google Analytics Deprecated
- Google Analytics Fields Reference
- Google Analytics 4
- Google BigQuery as a Source
- Google Campaign Manager
- Google Display & Video 360
- Google Local Services
- Google Merchant Center
- Google My Business
- Google Search Ads 360
- Google Search Console
- Google Sheets as a Source
- Gorgias
- GoToWebinar
- Gusto
- Heureka
- Holded
- HTTP Webhook
- HubSpot
- HubSpot Analytics
- Infoplus
- Instagram Ads
- Instagram Business
- Instagram Media
- Instagram Story
- JIRA
- JustCall
- Connectors K-O
- Keycloak
- Klaviyo
- Kronos
- Kustomer
- LinkedIn Ads
- Loyverse
- MailChimp
- Manatal
- Marketo
- Mercado Libre
- Microsoft Ads (Bing Ads)
- Microsoft Dynamics 365
- Microsoft OneDrive as a Source
- Mitel MiContact
- Mollie
- MongoDB as a Source
- Mopinion
- Mouseflow
- MYOB Online
- MySQL as a Source
- Naver Search Ad
- NetSuite
- NMI
- Odoo
- Order Desk
- Outbrain
- Outreach
- Connectors P-T
- PagerDuty
- Personio
- Pinterest (Ads)
- Pipedrive
- Playable
- Playvox
- Podbean
- Podio
- Postgres WAL
- Prisjakt Analytics
- Prisjakt Insights
- Qualtrics
- QuickBooks
- ReBound Returns
- Recharge
- ReferralCandy
- Sage Accounting
- Sage Accounting South Africa
- Sage Intacct
- Salesforce
- Salesforce Marketing Cloud
- Salesforce Pardot
- ScoreBuddy
- Scoro
- Sellsy
- SEMrush
- Sendinblue
- Shopify
- Similarweb
- Simplicate
- Sklik
- Snapchat
- Spotify
- Sprout Social
- SQL Server as a Source
- Stamped.io
- Stripe
- SurveyMonkey
- Taboola
- Teapplix
- TikTok
- Tokopedia
- Transsmart
- Trustpilot
- TUNE Advertiser
- Twillio
- Twitch
- Twitter Ads
- Twitter Organic
- Typeform
- Teamleader
- Connectors U-Z
- Data Destinations
- Data Destinations Overview
- Dashboarding Apps
- Data Storages
- Amazon Aurora
- Amazon RDS
- Amazon Redshift
- Amazon S3
- AlloyDB
- Azure Blob Storage
- Azure SQL Database
- Azure Synapse
- ClickHouse
- CockroachDB
- Databox
- Databricks
- Firebolt
- FTP Server
- Google BigQuery
- Google Cloud SQL
- Google Sheets as a Destination
- Keboola
- MariaDB
- Microsoft OneDrive
- MongoDB
- MongoDB Atlas
- MySQL
- Oracle
- Panoply
- PostgreSQL
- SFTP Server
- Snowflake
- SQL Server
- Vertica
- Applications
- Data Flows
- References and Resources
In order to ensure highest security standards when handling clients' credentials, Dataddo employs secret management services such as Amazon Web Services Key Management Service (AWS KMS), Google's Cloud Key Management (Cloud KMS), and Microsoft Azure's KeyVault for encryption and decryption of secrets and credentials.
These services manage customer secrets by replacing passwords and username with reference objects. Reference objects can be accessed only for specified purposes using tokens such as the JSON Web Tokens (JWT) which have set expiration time.
Secret Encryption Workflow
- Client provides credentials to access their service account.
- The credentials are encrypted by one of the secret management services. Usernames, passwords, and other information are replaced with reference objects.
- A unique secret ID (UUID) is generated and it is used whenever a new extraction or write operation is triggered.
- The password is revealed using an access token only during the moment of connection to the target system.
Access to Secrets
- Every user activity or cron job run has a JWT token with a corresponding customer ID reference.
- When an operation needs a password, the JWT token will be used for authorization.
- A secret management service then validates the token and allows access only to the secrets with the corresponding customer ID.
Automatic Keys Rotation
Apart from secret encryption and decryption, AWS KMS, Google's Cloud Key Management (Cloud KMS), is also assigned with rotating the use of encryption keys for enhanced security.
Military-Grade and Quantum-Safe Encryption Keys
The default key spec, SYMMETRIC_DEFAULT
, currently represents AES-256-GCM, a symmetric algorithm based on Advanced Encryption Standard (AES) in Galois Counter Mode (GCM) with 256-bit keys which is an industry standard for secure encryption.
For more information, refer to AWS KMS official documentation.