Managing Services
Register and configure source and destination services in 4Quays
Services are the nodes in your 4Quays graph. Every application or external system that participates in cryptographic operations is registered as a service.
Service Types
Source Services
Source services initiate cryptographic operations. These are typically your applications that call the 4Quays API.
Examples:
- Your banking service
- Your payroll application
- Your tax filing system
Destination Services
Destination services receive protected payloads. These are the external systems your applications communicate with.
Examples:
- Bank APIs
- Payment processors
- Tax authorities
- Partner systems
Registering a Service
Via Dashboard
- Navigate to Services in the sidebar
- Click Add Service
- Fill in the service details:
- Name: A descriptive name (e.g., "RBC Transfer API")
- Type: Source or Destination
- Description: What this service does
- Click Create
Via Enrollment Wizard
The Enrollment Wizard provides a guided setup for new integrations:
- Service Details — Name, type, and description
- Algorithm Configuration — Select encryption algorithm
- Key Upload — Upload the destination's public key
- Policy Creation — Automatically creates a policy linking source and destination
- API Key Generation — Generates an API key bound to the new policy
This is the recommended approach for setting up new destination services.
Service Configuration
Basic Information
| Field | Description |
|---|---|
| Name | Display name for the service |
| Type | source or destination |
| Description | Human-readable description |
| Status | Active or Inactive |
Service Status
Services can be set to Active or Inactive:
- Active: Service can be used in policies
- Inactive: Service is disabled; operations using this service will fail
Use inactive status for:
- Deprecated services being phased out
- Services temporarily unavailable
- Test services in development
Viewing Service Details
Service Overview
The service detail page shows:
- Basic information and status
- Associated policies (with source/destination indicators and algorithm)
- Associated keys
Policy Connections
View all policies that reference this service:
Your App ──[TRANSFER-POLICY]──► RBC Transfer API Your App ──[STATEMENT-POLICY]──► RBC Transfer API (response)
Best Practices
Naming Conventions
Use consistent naming:
✓ "RBC Transfer API" ✓ "Scotiabank Payment Gateway" ✓ "CRA Tax Filing Service" ✗ "bank1" ✗ "api" ✗ "prod_service_new_v2"
Documentation
Add detailed descriptions:
Good: "RBC's transfer submission endpoint. Requires AES-256-GCM encryption
with RSA-2048 key wrapping. Production key imported 2026-01-15."
Poor: "RBC"
Lifecycle Management
- Archive unused services instead of deleting
- Document why services are inactive
- Review service list quarterly
What's Next
- Configuring Policies — Connect services with policies
- Key Management — Manage cryptographic keys