Skip to content

User Guide

Overview

InfoConnect Hub is a no-code smart IBM i integration solution featuring a powerful user-friendly web interface (from version 4.1.0).

The functionality includes API-enabling IBM i business logic, replicating IBM i data in real time, and automating user actions on the green screen. The product can be deployed on any Java enabled infrastructure, including on-prem and cloud environments as well as directly on IBM i, either as a stand-alone component or in combination with other Infoview products (such as InfoCDC change data capture solution) and other integration services (API manager, messaging or event streaming platforms, etc.) to fit customers' specific infrastructure and functional requirements.

InfoConnect Hub provides an out-of-the-box dynamic secure MCP server that allows AI agents and chatbots to discover and execute Hub Program Call APIs and Screen Automation APIs via AI workflows (from version 4.0.0).

This guide will walk you through the primary features and workflows of the Hub and its web interface.

IBM i Prerequisites

  • IBM i OS version: V5R4 and higher
  • The Hub must be able to reach the IBM i servers on ports 446, 449, 8470, 8472,8473,8475, and 8476 for non-SSL communications, and ports 448, 449, 9470, 9472, 9473, 9475, and 9476 accessible for SSL communications.
  • IBM i must have *CENTRAL, *DTAQ, *RMTCMD, *SIGNON and *SRVMAP host servers running in the QSYSWRK subsystem
  • If a secure TLS connection is used, the TLS certificate must be applied to Central, Data Queue, Remote Command, File, Signon, and DDM / DRDA services in Digital Certificate Manager
  • IBM i user ID must be authorized to perform the operations on the intended IBM i objects
  • If there is an additional security software that locks down the remote execution functionality, the IBM i user ID defined for connector configuration must be allowed to execute remote calls and access database, IFS, and DDM services

Hub Infrastructure Prerequisites

  • Java 17 or higher
  • Moderately sized physical / virtualized / container-based environment – the exact server sizing depends on the usage and transaction volumes
  • Network accessibility to the Hub instance for users and integrated services

Quick Start Guide

This guide covers the initial installation of the Hub and the first steps in using the web interface.

Installation and Launch

  1. Contact Infoview to get the Hub distribution package and a trial license, or launch the Hub from the participating marketplaces such as AWS Marketplace or Azure Marketplace
  2. Download the Hub archive on any Java supported on-prem or cloud infrastructure, including IBM i, and extract into the intended product home directory
Hub distribution package
Example of archive including all modules
  1. (Optional) Review and update the Hub configuration in <hub home>/info-connect-hub/config/application.properties, including logging, database location, HTTP-port, and authentication settings. Each additional module contains its own config directory with module-specific properties files

    Hub properties
    Hub properties

    You may update the default credentials for the entire Hub distribution by using the credential update script located in <hub home>/start-scripts.

    Credentials
    Setting credentials in terminal after running a script

    • Windows: Run change-default-creds.bat by double-clicking the file.
    • Linux / macOS / AIX / IBMi: Open a terminal, navigate to the <hub home>/start-scripts directory, and run: bash change-default-creds.sh

    The script will prompt you to enter and confirm the new credentials, then automatically update all Hub components.

  2. Start the Hub using the startup script located in <hub home>/start-scripts.

    • Windows: Run infoConnectHub.bat by double-clicking the file.
    • Linux / macOS / AIX / IBMi: Open a terminal, navigate to the <hub home>/start-scripts directory, and run: bash infoConnectHub.sh

      Note: If you haven't provided auth properties - the script for step 3 will start automatically.

Once the Hub is running and ports 8080, 8081, and 8082 are accessible, you can start working with IBM i operations through Postman, cURL, or any REST API client.

API Reference

Note that the stand-alone binary distribution version of the product will work without a valid license for the first 15 min after the instance startup then any config and API attempts will fail due to no license error. Please reach out to the Infoview sales team at sales@infoviewsystems.com or call +1 (734) 293–2160. When launching the product from AWS Marketplace, Azure Marketplace, or other marketplaces supporting metered service subscription, there is no separate license required.

Below is a link to a Postman collection that includes a step-by-step guide for setting up the connection and creating sample program call definitions and DQ Pollers. To use this collection, open Postman and import the collection from the URL below, then set the collection variables to include Hub host, port, IBMi endpoint and credentials, and other variables relevant to each use case.

Postman Collection

Hub UI Quick Start Guide

If you prefer a graphical interface, the following UI User Guide describes how to use the Hub web interface.

Product Setup and Operations

Most of the InfoConnect Hub functionality can be configured via admin APIs. However, there are several hardening configuration steps that must be performed directly on the Hub instance. Once the InfoConnect Hub is configured, it will interact with external services and IBM i components via separate Functional API endpoints.

License Management

InfoConnect Hub, when provisioned as a stand-alone component, requires a valid license authorized to access specific IBM i servers. The product will work without any license for the first 15 minutes after the launch. Please contact to Infoview Systems Inc. When launching InfoConnect Hub from AWS Marketplace or other supported marketplaces, no separate license is required.

Contact us for connector pricing info, trial license, or support questions.

The product supports several internal or shared locations to place and maintain the license, including the local file system, AWS S3 bucket, HTTP/HTTPS, FTP, SMB, and Azure blob storage. The license location, necessary credentials, and other attributes are defined as part of Connection configuration via Admin API. Please refer to the API documentation for details. Below is a summary of protocol details required for referencing the license files

# Protocol Name Properties
1 S3 s3Bucket=path-to-bucket
s3Region=us-east-2
s3AccessKey=encrypted-access-key
s3SecretKey=encrypted-secret-key
2 HTTP/HTTPS httpUrl=http-URL
httpDirPath=license-file-path
httpUsername=username
httpPassword=encrypted-pwd
3 FTP ftpHost=ftp-host
ftpDirPath=path
ftpUsername=username
ftpPassword=encrypted-pwd
4 FILE/SMB filePath=path-to-license-file
5 AZURE STORAGE connectionString=encrypted-connection-string
bucketName=bucket-name

The Program Call and DQ Poller components support JSONata-based transformations for both input and output payloads. For detailed configuration instructions, see the API Reference.

Security Hardening

InfoConnect Hub by default is bundled with pre-defined credentials, HTTP listener, and no IBM i connection.

  • The default authentication for Admin APIs is Basic Auth with user ID = Admin and pwd = Password
  • The default authentication for Functional API is Basic Auth with user ID = User and pwd = Password@123

You also can change a default authentication system to different OAuth providers using the authentication server. Guide: Setting up OAuth authentication

As part of the product evaluation, likely the most basic security settings and non-secure IBM i connection are created. Below is a security hardening checklist to execute early in the trial / evaluation process:

  1. Configure HTTPS protocol for the API / HTTP listener
  2. Configure TLS IBM i connection
  3. Change the encryption key used to encrypt sensitive properties
  4. Encrypt all credentials and other sensitive API properties using Admin encryption API
  5. Change the default Admin and Functional API user ID and password
  6. Restrict access to APIs to specific allowed source IPs only
  7. Add rate limiting and other security policies to protect the functional APIs and

How to set up HTTPS

Create our own self-signed SSL certificate

First, we need to create our own self-signed SSL certificate. It is easy to generate the file with java keytool command.

After typing into the terminal command below, you will be asked a couple of questions. This will generate the ssl-server.jks keystore file containing our certificates in the directory from where the keytool command has been executed.

keytool -genkey -alias selfsigned_localhost_sslserver -keyalg RSA -keysize 2048 -validity 700 -keypass changeit -storepass changeit -keystore ssl-server.jks

We can use the command below to view what is inside this keystore.

keytool -list -keystore ssl-server.jks

Spring boot SSL Configuration

Secondly, we need to copy the generated keystore file into the [project-folder]/config folder. Next, we should add the below entries to the application.properties file. Note: [project-folder] is /opt/info-connect-hub for AWS Marketplace Hub instance

server.ssl.key-alias=selfsigned_localhost_sslserver
server.ssl.key-store-password=changeit
server.ssl.key-store=../config/ssl-server.jks
server.ssl.key-store-provider=SUN
server.ssl.key-store-type=JKS

If you want to use keystore password in encrypted form, then paste the encrypted value in ENC() like this:

server.ssl.key-store-password=ENC(encrypted-value)

At the end restart the Hub

How to change the encryption key used to encrypt sensitive properties

Before changing the encryption key, make sure that you don't have active connections, pollers, or encrypted properties configured with a legacy encryption key value.

  1. If you run the Hub distribution package using the provided startup scripts (infoConnectHub.bat or infoConnectHub.sh), no additional configuration is required. The Hub will prompt you to provide an encryption key during startup if one has not been configured yet.

  2. If you run the Hub distribution package using a Java command, you need to specify your encryption key using the -Djasypt.encryptor.password property.

  3. If you run the Hub from AWS Marketplace, go to [project-folder]/executable-jars and update the -Djasypt.encryptor.password property in the info_connect_hub-3.0.0.conf file. Note: [project-folder] is /opt/info-connect-hub for AWS Marketplace Hub instances.

  4. Restart the Hub.

How to change the default user ID and password for admin and functional users

To change the default credentials, use the credential update script located in [project-folder]/start-scripts.

  • Windows: Run change-default-creds.bat by double-clicking the file.
  • Linux / macOS / AIX / IBMi: Open a terminal, navigate to the [project-folder]/start-scripts directory, and run:

    bash change-default-creds.sh

The script will prompt you to enter and confirm the new credentials, then automatically update all Hub components.

Manual configuration

  1. Open the application.properties file located in [project-folder]/config.

  2. Find the Basic Authentication section.

  3. Use the User properties for functional operations and the Admin properties for administrative operations.

  4. To change user IDs, update the following properties:

  • userUsername
  • adminUsername
  1. To change passwords, update:
  • userPassword
  • adminPassword
  1. If you want to store passwords in encrypted format:
  • First, encrypt the password using the Admin Encryption API:

    POST http://host:8080/admin/encryption

  • Then copy the encrypted value and wrap it in ENC(...).

  • Paste the resulting value into the userPassword or adminPassword property.

  1. Restart the Hub.

Cluster Configuration

Cluster Configuration

Admin API definitions

The InfoConnect Hub comes with the following admin APIs that can be used to set up the product, either manually (via CURL / Postman / any other API client) or as part of the CI / CD flow:

  1. Encryption API – allows encrypting sensitive data like passwords or other secrets
  2. Connections – manages IBM i connection definitions. It is possible to configure a single InfoConnect Hub instance to connect to multiple back-end systems; however, in most scenarios a dedicated 1 – 1 relationship would work best to ensure the proper segregation of access rules,
  3. Program Calls – manages program call definitions that will be surfaced for the consumers as REST APIs
  4. Data Queue Sources – always-on DQ listeners that are registered to receive new DQ messages immediately after they are placed into IBMi DQ and send to the following systems in real time:
    • Google (GCP Pub Sub)
    • JMS (ActiveMQ, ArtemisMQ, AmazonMQ)
    • Azure (ServiceBus, EventHub, EventGrid)
    • AWS (SQS, SNS)
    • JDBC
  5. Data Queue Sinks - always-on Messaging or Event platform listeners that and send new data to the IBMi Data Queues in real time:
    • Google (GCP Pub Sub)
    • JMS (ActiveMQ, ArtemisMQ, AmazonMQ)
    • Azure (ServiceBus, EventHub)
    • AWS (SQS)

Below is a link to the Admin API documentation

API Reference

Functional API definitions

The InfoConnect Hub comes with the following functional APIs out of the box:

  1. Execute Command Call API – does not require any admin / configuration
  2. Publish Data To Data Queue API or read Data Queue entry directly – does not require any admin / configuration
  3. Execute Program Call API – requires the program call configuration via Admin API (see above)
  4. Listen for the new Data Queue entry with DQ Listener (requires the configuration via Admin API) and send to the next systems:
    • Google (GCP Pub Sub)
    • JMS (ActiveMQ, ArtemisMQ, AmazonMQ)
    • Azure (ServiceBus, EventHub, EventGrid)
    • AWS (SQS, SNS)
    • JDBC
  5. Execute Screen Automation script

Below is a link to the Admin API documentation

API Reference

Data Replication with InfoConnect Hub and InfoCDC

Hub Direct Database Replication Support

For use cases where messaging or event infrastructure is part of the data replication architecture, please refer to this example of how to set it up

InfoCDC and InfoConnect Hub Data Replication Guide

AI with InfoConnect Hub

Allows you to create MCP-server based on tools generated from program calls which are stored in the InfoConnectHub system and manage these tools in the runtime

AI Tutorial