Forum Discussion

morehendrix's avatar
morehendrix
Occasional Visitor
5 years ago

Avoid exfiltering OAuth Credentials in Git Repository

Hi, 

 

I am using ReadyAPI to test an OAuth2.0 secured API. I am using a Composite project with Git integration and I do not see how could I make use of Auth Manager without exfiltering my OAuth credentials into Git in plaintext, as part of the settings.xml file, within con:oAuth2ProfileContainer and con:oAuth20AuthEntry

 

I tried using client-id and client-secret as encrypted properties, but as soon as the groovy script sets them in the profile, they appear in clear text in the settings.xml file.