Integration Hub Overview

What is the Integration Hub?

The StackFlow Integration Hub is a unified connectivity platform with 51 pre-built connectors across 11 categories. It enables bidirectional data flow between StackFlow and your monitoring, collaboration, security, cloud, and ITSM tools without writing custom integration code. Each connector is configured via a guided setup wizard in Admin → Integration Hub.

51 Connectors: StackFlow ships with connectors for Slack, Microsoft Teams, PagerDuty, Datadog, Jira, ServiceNow, Okta, CrowdStrike, Splunk, AWS, Azure, GCP, GitHub, GitLab, Prometheus, Grafana, Dynatrace, New Relic, VictorOps, OpsGenie, Zendesk, Freshservice, SolarWinds, Nagios, Zabbix, Ansible, Terraform, Chef, Puppet, Jenkins, CircleCI, ArgoCD, Kubernetes, Docker, VMware, Nutanix, Cisco, Palo Alto, Fortinet, Qualys, Tenable, RapidFire, Rapid7, BigPanda, Moogsoft, xMatters, SIGNL4, ServiceGraph, AppDynamics, IBM Tivoli, and BMC Helix.

Architecture

The Integration Hub runs within the StackFlowAPI Lambda function. Connector credentials are encrypted at rest in AWS Secrets Manager under KMS CMK mrk-bd842691514c4d74a02992b8dc11fe16. Outbound connector calls are made from the Lambda's VPC, traversing the NAT gateway for internet-bound traffic. Inbound events arrive via dedicated webhook endpoints.

External System (e.g., Datadog)
    │
    │ Webhook POST / API Pull
    ▼
CloudFront → API Gateway → StackFlowAPI Lambda
    │                              │
    │ Outbound calls               │ Credential lookup
    ▼                              ▼
External APIs               AWS Secrets Manager
                            (KMS CMK: mrk-bd842691514c4d74a02992b8dc11fe16)

51 Connectors by Category

Category	Connectors	Count
Collaboration	Slack, Microsoft Teams, Webex, Google Chat, SIGNL4, xMatters	6
Incident Management	PagerDuty, OpsGenie, VictorOps, BigPanda, Moogsoft	5
Monitoring & APM	Datadog, Dynatrace, New Relic, AppDynamics, Prometheus, Grafana, Nagios, Zabbix, SolarWinds	9
Cloud Platforms	AWS, Microsoft Azure, Google Cloud Platform	3
Project Management	Jira Software, Jira Service Management, ServiceNow, Zendesk, Freshservice	5
Identity & Access	Okta, Azure Entra ID, Ping Identity, CyberArk	4
Security	CrowdStrike, Splunk, Qualys, Tenable, Rapid7, Palo Alto, Fortinet, RapidFire	8
DevOps & CI/CD	GitHub, GitLab, Jenkins, CircleCI, ArgoCD, Ansible, Terraform, Chef, Puppet	9
Infrastructure	Kubernetes, Docker, VMware, Nutanix, Cisco, IBM Tivoli, BMC Helix	7
Log Management	Splunk (dual), ServiceGraph	2
Automation	ServiceGraph, AppFlow	2

Credential Security

All connector credentials (API keys, OAuth tokens, passwords, certificates) are stored in AWS Secrets Manager. The secret name follows the convention stackflow/integrations/<connector-name>/<credential-type>. Secrets are encrypted using the multi-region KMS CMK mrk-bd842691514c4d74a02992b8dc11fe16.

# View a connector secret (requires aws:secretsmanager:GetSecretValue permission)
aws secretsmanager get-secret-value   --secret-id stackflow/integrations/slack/bot-token   --region us-east-1   --query SecretString --output text

# List all integration secrets
aws secretsmanager list-secrets   --filter Key=name,Values=stackflow/integrations   --region us-east-1   --query "SecretList[].Name"

Rotation: OAuth tokens and API keys with expiry dates are automatically rotated by the StackFlowGenericSecretRotation Lambda function (scheduled daily). Rotation failures trigger a CloudWatch Alarm and SNS notification to the stackflow-security-findings topic.

Custom APIs

The Custom APIs tab in Integration Hub allows you to define custom connector configurations for systems not covered by the 51 built-in connectors. Custom connectors support REST, GraphQL, and SOAP endpoints with configurable authentication (Basic, Bearer, API Key, OAuth 2.0) and field mapping via Jinja2 templates.

{
  "name": "Internal Asset Management System",
  "base_url": "https://assets.internal.example.com/api/v2",
  "auth_type": "api_key",
  "auth_config": {"header": "X-Asset-API-Key", "secret_name": "stackflow/integrations/custom/asset-mgmt"},
  "endpoints": [
    {
      "name": "sync_assets_to_cmdb",
      "trigger": "schedule",
      "schedule": "0 */6 * * *",
      "method": "GET",
      "path": "/assets?status=active",
      "field_mapping": {
        "name": "{{item.asset_name}}",
        "class": "server",
        "attributes.serial_number": "{{item.serial}}"
      }
    }
  ]
}

AI Orchestration

Integration Hub includes an AI Orchestration layer that automatically enriches incoming events with CMDB context, knowledge base suggestions, and priority classification before creating ITSM records. Configure enrichment rules in Admin → Integration Hub → AI Orchestration.

Adding a Connector

Navigate to Admin → Integration Hub → Add Connector
Select the connector from the 51-item library or choose Custom API
Follow the connector-specific setup wizard (each connector's setup guide is linked in the sidebar)
Test the connection using the built-in Test Connection button
Configure field mappings and trigger conditions
Enable the connector — credentials are saved to Secrets Manager automatically

Principle of Least Privilege: When creating API keys and OAuth clients for StackFlow connectors, always grant the minimum permissions required. See each connector's setup guide for the exact scopes needed.

← Previous

SDK & Examples

Python, Node.js, Postman

Slack

Alerts, slash commands, approvals