Integration Hub
Available Connectors
The StackFlow Integration Hub provides pre-built connectors for popular enterprise tools. Connectors handle authentication, payload mapping, and error handling automatically, allowing ITSM workflows to interact with external systems without custom code.
- DynamoDB:
StackFlow_Integrationtable with connector configuration and OAuth tokens - Secrets Manager: Integration credentials at
stackflow/integrations/{integrationId}path - Feature Flag: Individual integration flags (e.g.,
integration_github,integration_azure) inStackFlow_FeatureFlag
| Category | Connectors |
|---|---|
| Identity | Azure AD, Okta, Ping Identity, LDAP |
| Communication | Slack, Microsoft Teams, Zoom |
| Monitoring | CloudWatch, Datadog, New Relic, Prometheus, Grafana |
| DevOps | GitHub, GitLab, Jira, Jenkins, ArgoCD |
| ITSM | ServiceNow (bidirectional sync), PagerDuty, Freshdesk |
| Cloud | AWS AppFlow, Azure Logic Apps, GCP Workflows |
| Finance | SAP, Workday (cost center sync) |
Authentication Methods
Connectors support multiple authentication patterns: OAuth 2.0 (for SaaS tools), API Key (for simple integrations), AWS IAM (for AWS services), and mTLS (for high-security enterprise integrations). Credentials are always stored in AWS Secrets Manager, never in StackFlow's database or environment variables.
StackFlowGenericSecretRotation Lambda. This Lambda supports rotation for API keys that have a "create new → verify → delete old" rotation pattern.
Webhook Framework
The webhook framework allows external systems to push events into StackFlow and receive notifications out of StackFlow. Inbound webhooks create ITSM records or trigger workflows. Outbound webhooks deliver StackFlow events to any HTTP endpoint. Webhooks support HMAC-SHA256 signature verification for security.
curl -X POST https://your-instance.stackflow-tech.com/prod/api/webhooks/inbound/webhook_token -H "Content-Type: application/json" -H "X-StackFlow-Signature: sha256=HMAC_SIGNATURE" -d '{"event": "alert", "source": "datadog", "severity": "critical", "description": "CPU 98%"}'Event Bus
The StackFlow Event Bus provides a publish-subscribe mechanism for integration events. Internal events (incident created, state changed, SLA breached) are published to the StackFlow-Events-Ingestion.fifo SQS queue. External integrations can subscribe to specific event types via filtered queue subscriptions or EventBridge rules.
Building Custom Integrations
For tools without a pre-built connector, build custom integrations using the StackFlow REST API or by writing a custom connector plugin in TypeScript/Node.js deployed as a Lambda function. The connector SDK provides a standard interface for authentication, pagination, error handling, and retry logic.