The Invoke policy provides 2 fields to create a basic authorization headers if filled in: Username and Password. Since we cannot type in the credentials and store the OpenAPI specification in Git, we are looking at ways to programmatically set the username and password at runtime from context variables.
Issue that I am finding is that the username field can be set via a context variable, but not the password field. Is there some undocumented way to perform this operation or is this a defect in the product?
Invoke Policy:
- invoke:
version: 2.1.0
title: invoke - Request Bin
backend-type: detect
header-control:
type: blocklist
values: []
parameter-control:
type: allowlist
values: []
timeout: 60
verb: keep
use-http-10: false
chunked-uploads: true
cache-response: protocol
cache-ttl: 900
stop-on-error: []
target-url: 'https://xxxx.pipedream.net'
username: $(hig.secrets.username)password: $(hig.secrets.password)Context Variables Set:
Basic Auth Header Generated:
bXktYmFzaWMtYXV0aC1pZDokKGhpZy5zZWNyZXRzLnBhc3N3b3JkKQ==
decoded: my-basic-auth-id:$(hig.secrets.password)
The username context variable was converted to its policy by the Invoke policy, but not the password field.
------------------------------
Steve Ruscik
------------------------------