Forum Discussion

mfoster711's avatar
mfoster711
Regular Contributor
2 months ago

API Tokens, Passwords - Storing and Retrieving

How do you store and retrieve API Tokens and the various passwords that you might use with your automated testing? I am trying to be a little more security conscious. With this in mind, you shouldn'...
Hassan_Ballan's avatar
Hassan_Ballan
Icon for Champion Level 3 rankChampion Level 3
2 months ago

To use passwords or tokens in TestComplete, here are a few secure ways to manage them depending on your setup:

1. Windows Credential Manager
It's built into Windows, free, and easy to use. You can store credentials manually or via command line:

cmdkey /add:MyService /user:APIUser /pass:SuperSecret123

Then retrieve it from your TestComplete script:

function GetCredential(targetName) {
  var wsh = new ActiveXObject("WScript.Shell");
  var cmd = 'powershell -Command "(Get-StoredCredential -Target \'' + targetName + '\').Password"';
  var exec = wsh.Exec(cmd);
  var token = exec.StdOut.ReadAll().trim();
  return token;
}

function Test_API_Call() {
  var token = GetCredential("MyService");
  var request = aqHttp.CreatePostRequest("https://api.example.com/data");
  request.SetHeader("Authorization", "Bearer " + token);
  var response = request.Send();
  Log.Message("Status: " + response.StatusCode);
}

2. String project variables 
Store an encrypted or encoded value in a regular String variable and decrypt it in code before use:

const encoded = Project.Variables.ApiToken; 
const token = decrypt(encoded); // implement your own decryption

3. Command-line variables
Pass the token to TestComplete or TestExecute when launching command line:

TestExecute.exe "MyProject.pjs" /p:MyProject /u:MyTest /var:ApiToken=MySecret

Then access it in your script with Project.Variables.ApiToken.

🤖 AI-assisted response
👍 Found it helpful? Click Like
✅ Issue resolved? Click Mark as Solution