Add client certificate for Azure Oauth2.0
In the tutorial for enabling OAuth 2.0 authentication with Azure Active Directory you can see that Azure App registration has both Client Certificate and Client Secret. ReadyAPI only supports Client Secret in the Client Credentials Grant. Please add support for the Client certificate as well. My customer does not allow Client Secrets anymore.24Views2likes0CommentsMask Password in settings.xml file for Composite Projects
I would like the ability to mask passwords in the settings.xml file for Composite Project files. Our security team flag this as risk since usernames and passwords are exposed in this file. We would like to continue to use the Auth Repository feature while keeping our project files in Composite format.1.2KViews2likes4CommentsAdd password parameter for the loadtestrunner
Hello, I'm using the latest version from RedayAPI (3.0.0) and my project is password protected - the properties are encrypted. When I want to run functional tests in pipeline, I can give the password over the command-line parameter -p but this parameter doesn't exists for the loadtestrunner. This fact is not an error but a missing function. Without this feature, encoding the properties in a project is a major drawback when you want to automate the load test because I must deactivate the passwort protection to run the loadtestrunner. This is a strong security restriction, especially if you want to protect the passwords/token/secrets used in cloud repositories. A lot of services are provided in the cload nowadays and the trend is increasing, besides the reason I ask the reader to vote for the function to introduce the password parameter for the loadtestrunner as well. Thanks in advance for the votes. Greetings, Giovanni1.8KViews2likes2CommentsMasking encrypted properties in ReadyAPI Test for Azure DevOps task instead of plain text
Hi, The latest version of ReadyAPI 3.20.0 seems to fix encrypted properties being displayed as plain text in logs within the ReadyAPI software itself but this does not translate when running the project from Azure DevOps using the "ReadyAPI Test for Azure DevOps task" as encrypted properties are still being exposed there. 1. The project password for the task is in plain text - This property should be masked as anyone who views the task would be able to download and access the encrypted project and its properties. 2. Encrypted properties are displayed in the logs/requests as plain text The password has been encrypted in the custom properties using the "selected properties" project encryption . However, encyrpted properties are being shown in the task logs when a request that uses the properties fail or when logged using groovy script as plain text. This display of encrypted properties as plain text is unacceptable especially when creating production tests so it would be benefical if encyrpted properties are not exposed. Thanks, Kayleigh1.1KViews1like1Comment