Skip to main content

Optional service for Cloud imports

Use the Cloud Import Web service as an alternative way of importing data to the Snow License Manager database via the Snow Integration Manager connectors. The service accepts data from portals like Microsoft 365, Adobe Creative Cloud, Zoom, and Okta, among others.

The Snow License Manager Web API is used for import of data from the SaaS portals. It is part of the Snow License Manager Web solution hosted in Internet Information Services (IIS) for Windows Server. The Cloud Import Web service is a separate Windows service with its own resources for CPU utilization and RAM, completely independent of the IIS that hosts the Snow License Manager Web. In this way, the service will reduce the workload of the Snow License Manager Web, when it is used.

The recommendation is to install the Cloud Import Web service on the same machine where Snow License Manager is deployed, similar to other services like the Snow Software Adobe CC Service and the Snow License Manager Office 365 Service.

Authentication

The Cloud Import Web service requires basic authentication. The user name and password that you pass as credentials in the authorization header of the request must match an existing user who is member of the predefined API Users role in Snow License Manager.

For the configuration of the Snow Integration Manager, use the same credentials for the Cloud Import Web service as you use for the Snow License Manager Web API.

Configuration

note

When the Cloud Import Web service is deployed on the same machine where the Snow License Manager Web is hosted, the service must use another port for listening.

The parameter values defined here apply only to a production environment. The appsettings.Production.json file has this structure:

{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"Kestrel": {
"Endpoints": {
"Http": {
"Url": "http://*:5018"
},
"HttpsDefaultCert": {
"Url": "https://*:5019"
},
"HttpsInlineCertFile": {
"Url": "https://*:5017",
"Certificate": {
"Path": "Certificates/cloudimport.pfx",
"Password": "<password>"
}
},
"HttpsInlineCertStore": {
"Url": "https://*:5016",
"Certificate": {
"Subject": "cloudimport",
"Store": "My",
"Location": "LocalMachine",
"AllowInvalid": true
}
}
}
}
}

The Kestrel section defines all endpoints for which the service will listen for API requests, and they can be HTTP or HTTPS endpoints. The HTTPS endpoints can use the default SSL certificate or a predefined SSL certificate. The certificate can be a self-signed one or a verified trusted SSL certificate.

note

You can use wildcard characters in the definitions of the endpoint URLs.

In the example configuration file above, we see the following:

  • For port 5017, the certificate is:

    • in pfx format and located in the Certificates folder

    • exportable and secured with a password.

  • For port 5016, the certificate is installed in the Windows Certificate Store.

    note

    The certificates need to be installed in LocalMachine\Trusted.

For more information on how to setup Kestrel configurations, see Configure endpoints for the ASP.NET Core Kestrel web server from Microsoft.

note

Do not configure Kestrel in the Cloud Import Web service to use ports that are already used by other Snow License Manager services. For information about the services and their ports, see Services in Snow License Manager.