cancel
Showing results for 
Search instead for 
Did you mean: 

SOAP Session Token Create - How to send encrypted Credentials

SuryaReddy
New Contributor

I am using SOAP Execute to call a SOAP webservice Operation which generates a session token to be used in subsequent calls.
The webservice requests Username, password and APIKey - I can setup a mapper and pass these parameters as clear text, but I am assuming that there is a better way of doing this where these details are encrypted and not visible as clear text to other programmers/users. Can you please advise what the right way to go about this?

2 REPLIES 2

christwr
Contributor III

I’ve handled something like this before by manually (one time) encrypting the values using an Encrypt Field snap using a Passphrase-based Account. Then hardcoded those encrypted values in a mapper like you mentioned, with a Decrypt Field snap after it using the same Passphrase-based Account, to decrypt the values and use them at runtime.

Thanks Chris. That is really useful. I will try this option, but I am guessing that the decrypted value is still available to the developers (much smaller population which is definitely better than before). I was wondering if there is an option like storing the credentials in an account, where it is not possible for anyone to look at these.
If anyone thinks that there are other mechanisms I am missing, please do let me know.