Creating a MongoDB Digest credential for API request

We are supporting a customer who has a MongoDB Atlas account with their associated invoices.

We are looking to access this data in a read-only capacity as part of the services we offer, however this comes in 2 parts. Firstly a ‘policy’ that runs via our platforms policy engine which contains the logic to drill down into the org > invoices etc and dumps data into a CSV and then ultimately uploads it into our platform.

Before any of this is possible however I need to create a credential that can be referenced by the policy. We don’t natively support Digest Auth, however if I create the credential via our API, it is possible, however I am struggling to have any success. The format of the API request body when we create a credential is as follows:

{
  "description": "The AWS US East 1 developer credentials.",
  "field": "Authorization",
  "key": {
    "data": "/api/credentials/123",
    "type": "cm_credential"
  },
  "location": "header",
  "name": "AWS US East 1 - Dev",
  "plugin_match": "^rs-aws-",
  "tags": [
    {
      "key": "cloud",
      "value": "aws"
    }
  ],
  "type": "Bearer"
}

I know the obvious that will need updating, but struggling to put together a request using the public:private keys as this is what has ben supplied by the customer.

After any suggestions that may help :slight_smile:

I seem to have the credentials working, as I’m no longer getting a 401 error… but I do get an error on the GET when trying to retrieve invoices as a datasource in my request…

{
            "description": "MongoDB API Key for Invoice and Usage data",
            "field": "MongoDB Digest Auth",
            "key": {
              "data": "https://cloud.mongodb.com/api/atlas/v1.0",
              "type": "plain"
            },
            "location": "header",
            "name": "MongoDB API",
            "username": "xxxxxxxxx",
            "password": "xxxxxxxxxxxxxxxxxxxxxxxxxx",
            "tags": [
              {
                "key": "provider",
                "value": "mongodb_atlas"
              }
            ],
            "type": "Digest Auth"
          }

now I know that the field should be “Authorization” but if use that it breaks the credentials and I’m back to a 401 error… tried using the following which seems to allow the creds through, but breaks the request

"field": "MongoDB Digest Auth"

Are you using an API key that’s authorized to the context you’re requesting invoice data for?

By the way, are you in the cloud billing management space? if so we would be happy to partner and ensure you have more direct assistance