Hey testlabauto
No one's come back to answer this yet and I was intrigued by your post as it seems a little weird that you can't use property expansions in the Auth Manager editable field. I can't answer this I'm hoping that perhaps the SmartBear support Staff might comment (occasionally they do which can help a lot).
However - I just wanted to emphasise some points in case this helps. You can encrypt the whole project or custom project level properties.
I've always steered clear of the Auth Manager before now. I load in all my variables via a properties file before I start execution. My properties file contains static values like environment specific URIs, ip addresses, etc. and placeholders for dynamic values - GUIDS, token values, etc. I generate my dynamic property values by querying the environment by executing steps within a disabled setup testsuite (the first testsuite in my project) when the execution starts. All these values are loaded into custom project level properties - this means I can encrypt my tokens, usernames, passwords - cos you can either encrypt the whole project or specific custom project level properties.
I did a bit of reading and git does support encrypting passwords, but only if they're in separate files. You can encrypt readyapi! preferences via the C:\Users\<your-user-name>\.readyapi\readyapi‑settings.xml. file. You could create some Global Properties in here which would contain all your OAuth Tokens in here. This is a separate file to the project file (and I'm assuming still remains separate when you unflatten the project file to composite option), so it also means you wouldn't necessarily keep adding it to your push if it doesn't change often.
Anyway - sorry i can't help with the Auth Manager - I looked at it about 2 years ago and was advised by one of the experts on here to use loading in custom project level properties file instead and I've gone with that ever since, but perhaps either that or the readyapi-settings.xml file option might help?
Other than that - perhaps the SmartBear staff might chime in on this - I'd like to see what they say as I wouldn't mind giving the Auth Manager another shot now the functionality is a little more mature than what it was 2 years ago.
Cheers,
rich
Ta
