I have a scenario in which I have to pass sensitive data through the envelope of a SOAP Execute snap. These values include username, password, API keys, etc. This is bad design on the part of the vendor, but I don’t have any other way around it at the moment. My concern, however, is that this requires me to either hardcode the values in my pipeline(s), put them in a file in the plaintext to be read by the pipeline, execute a child pipeline to return them, or enter them as pipeline parameters. None of these solutions are secure unless I lock down access to the project space, which I don’t want to do; I want anyone on my team to be able to troubleshoot these pipelines without being able to get the credentials for these service accounts.
I think SnapLogic should implement the concept of “Secrets,” or key-value pairs in which the value is encrypted and masked, as is already done with authentication credentials. Then perhaps we can associate secrets with a pipeline or individual snaps, and in expressions within we could just reference the secret name, or key.