IAV-841/feat(integrations): real-time credential validation for Telegram, WhatsApp, Shopify, WooCommerce and Freshdesk
Summary
Implements a credential validation system that allows users to verify their integration credentials before creating workflows. The system validates credentials in real-time against each platform's API and checks required permissions.
Motivation
Previously, users could create integrations with invalid credentials, leading to workflow failures at runtime. This feature enables early detection of invalid credentials, permission visibility, and immediate feedback during the integration setup wizard.
Changes
Architecture
- CredentialValidationService — Strategy pattern router that delegates to platform-specific validators
- 5 platform validators: Telegram, WhatsApp, Shopify, WooCommerce, Freshdesk
- AgentCredentialValidatorController — Single REST endpoint for all supported platforms
New Endpoint
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/customer-care/credentials/validate/{platform} |
Validate credentials for TELEGRAM, WHATSAPP, SHOPIFY, WOOCOMMERCE, FRESHDESK |
Platform Validation Details
| Platform | Validation Method | Permissions Check |
|---|---|---|
| Telegram | GET /bot{token}/getMe |
N/A (bot has all perms) |
GET /me + /me/permissions
|
Via Meta permissions API | |
| Shopify | GET /admin/api/shop.json |
From X-Shopify-Access-Scopes header |
| WooCommerce |
GET /system_status or /products
|
Implicit (API access = full perms) |
| Freshdesk | GET /agents/me |
Implicit (API key = full perms) |
Other Changes
- New error codes added to
BusinessErrorCode(640–759 range, excluding Meta 720–749) - Platform-specific configuration properties in
application.yml
Breaking Changes
CONFIGURATIONS instead of CONFIGURATIONS_COMPLETE after workflow creation. Frontend may need adjustment.
Out of Scope
Meta platform validation (Facebook Messenger / Instagram) will be handled in a separate MR.
Related Issues
Closes IAV-841