Getting Started

Integrate in three steps:

  1. Create an Account (Organization and Vault)
  2. Connect to the VGS Platform
  3. Create Filters on Routes to Operate on Data

Creating your Organization

After you’ve signed up for an account and verified it you’ll be asked to create an organization (i.e. the name of your company). org-creation

Name it, read and accept Terms and Conditions, and then click ‘Create’.

Creating your first Vault

After your Organization is created you’ll be shown this screen. sandox-vault-creation

Since this is your first time making a vault, you’ll want to select Sandbox, name it, and click ‘Create’.

If you try to select a Live Vault you will receive a pop up: live-vault-creation

Live vaults are for production usage. You should test your routes, filters, and operations with NON-SENSITIVE data in a Sandbox vault before creating your Live vault.

Connecting to the Platform

Once you’ve created your vault you will land on a getting started guide. This guide will take you through, step by step, how to connect your application to VGS. secure-connection-starting

To begin, we will connect our inbound traffic from your APIs and and clients to VGS by clicking the top image labeled “Secure Inbound Traffic”, which will bring you to this screen: secure-connection-inbound

We have added our upstream already. You can either use our placeholder echo-server or enter your server address. Click “Establish Connection” and you will see the following screen: secure-connection-inbound-successful

You’ve just protected inbound traffic with no code changes! If you chose to use your application, you can click on the provided URL and it will load your application through the platform.

From here, you can either choose to “Connect Outbound Traffic” or to “Secure Inbound Data”. If you choose to just Secure Inbound Data, you can skip ahead to Securing Data section.

Otherwise, we can now protect outbound traffic from your server to third-parties.

At the bottom of your screen, click “Connect Outbound Traffic”.

You should see the following screen. secure-connection-outbound

We’ve included some snippets that you can just add as environmental variables to pass all application traffic through the VGS Platform. If you don’t have an application yet, (you used our echo server on the previous step), feel free to just use our provided curl command.

Once we detect traffic going through the system, this message will be displayed. secure-connection-outbound-successful

Now that you added the environmental variables to your server you’re fully connected to the platform. The next step is to click the “Secure Data” button.

Securing Data

Now that traffic is going through the VGS Platform, we can inspect it. In the image below we have a sample request. secure-debugger-activity-logs

If you click on one of the requests you will see a pop-up showing you the entire request payload (Headers and Body) similar to the following: pop-up-request-inspector-secure-data

If we click “Secure this Payload”, you will be greeted with the following screen allowing you to check as many pieces of data you need to operate on (redact/reveal). filter-preview-pop-up

As soon as you click the checkbox, you will be asked which type of operation to perform, type of storage, and format you want. filter-select-operations-storage-format

After choosing your options, clicking “Secure this Payload” will bring up this screen: confirmation-filter-and-operations-applied

You can now secure more data from the debugger or view the rule. To secure more data repeat the above process on the request or response.

If you click “view route configuration” you’ll see the route that’s been generated for you: route-configuration-overview

Testing Filters and Operations

The debugger that was used to generate filters and operate on your routes, will also shows us the modified data with the redacted or revealed value in the “Request Rewritten” or “Response Rewritten” area like below: request-raw-request-rewritten

This allows you to verify and validate that the filters on your routes are working to operate on the data, and sensitive information is being secured by VGS.

Inviting Users

Now that you’re connected, invite colleagues to test out the product by clicking the gear icon in the upper left corner of the menu bar. adding-users-to-org

All added users can create their own vaults within your organization and try out their own filters in the sandbox environment or work within the same vault.

If you need any help contact us on site chat or by email support@verygoodsecurity.com.