In case a DataMiner Automation script directly accesses an external API which is secured by user credentials or an API key, what is the best practice to store these?
We want to avoid including them in the script in plain-text.
Thanks!
The preferred way is to do the communication in a connector, as Thijs already mentioned. If that's not desired, storing the credentials in "Windows Credential Manager" could be an option. See https://www.techradar.com/news/what-is-windows-credential-manager.
Those credentials can then be retrieved in the automation script: https://stackoverflow.com/questions/17741424/retrieve-credentials-from-windows-credentials-store-using-c-sharp.
Hi Ruben,
It's actually preferred to always use a protocol to handle all the API communication between DataMiner and any data source.
That way it allows you to store your user credentials safely inside your element- data.
Can you elaborate more on why you would interact with the external API directly from an automation script?
This is one of the main use cases of the new GQI Custom Data feature No need for a ‘middle-man’ connector. GQI can get the data directly from the source.
Note that there is already a feature suggestion in order to support your case. Feel free to upvote it: https://community.dataminer.services/new-feature-suggestions/option-to-link-a-credential-library-to-an-automation-script/
I would say from the top of my head, the built-in credential library would be the best fit to have this functionality, but as far as I know, it only supports SNMP credentials.
Would it be an option to use an element for communication purposes?
Note it’s currently not possible to retrieve the secrets stored in a credential library from an automation script.
Thanks for the suggestion. Worth looking into!