-
Story
-
Resolution: Obsolete
-
Neutral
-
None
-
None
-
None
-
None
As a developer, I want to use values stored in the Password Manager in my REST calls, so that I can connect to APIs but not expose my API keys or secrets.
Acceptance criteria
- I can use values from the password manager
- In a header, parameter, path or body of REST call
Context
Many API's expect a text API key (sometimes called a secret or an API token) to be provided somewhere in the REST call.
For example:
http://api.openweathermap.org/data/2.5/forecast?q=London,us&APPID=11c86e6e92231833a10604185a855418
Notes
This is a follow to the work done in MGNLRESTCL-44, that ticket allows developer to access values from password manager - but only in the specific cases of basic and bearer based authentication.
- is superseded by
-
MGNLRESTCL-113 Hide sensitive information from the rest call definiton query parameters / headers / etc.
- Closed
- relates to
-
MGNLRESTCL-44 Securely configure authentication information
- Closed
- mentioned in
-
Page Loading...