Best practice to store API credentials used in Automation script?

Solved23.55K viewsAPI Automation security
8
0 Comments

In case a DataMiner Automation script directly accesses an external API which is secured by user credentials or an API key, what is the best practice to store these?

We want to avoid including them in the script in plain-text.

Thanks!

Marieke Goethals [SLC] [DevOps Catalyst] Selected answer as best 14th July 2023

3 Answers

4
8.89K 1 Comment

The preferred way is to do the communication in a connector, as Thijs already mentioned. If that's not desired, storing the credentials in "Windows Credential Manager" could be an option. See https://www.techradar.com/news/what-is-windows-credential-manager.

Those credentials can then be retrieved in the automation script: https://stackoverflow.com/questions/17741424/retrieve-credentials-from-windows-credentials-store-using-c-sharp.

Marieke Goethals [SLC] [DevOps Catalyst] Selected answer as best 14th July 2023
Ruben Vandepitte [SLC] [DevOps Advocate] commented

Thanks for the suggestion. Worth looking into!
You are viewing 1 out of 3 answers, click here to view all answers.