BPM, Workflow, and Case

Hi

I usually call some REST services on with javascript inside "Script Adapters" to excute some functionality on the solutions. 

Which is your security technique to don't harcode the user and password to call REST services?
Do you use some global variables to store that information? How do you use a configuration file for it? Any samples on how?

Any samples and links to documentation are always apreciated. 

Regards

------------------------------
Martin Iturbide
Consultant
Next Step C.A.
Quito
------------------------------

Hi

I usually call some REST services on with javascript inside "Script Adapters" to excute some functionality on the solutions. 

Which is your security technique to don't harcode the user and password to call REST services?
Do you use some global variables to store that information? How do you use a configuration file for it? Any samples on how?

Any samples and links to documentation are always apreciated. 

Regards

------------------------------
Martin Iturbide
Consultant
Next Step C.A.
Quito
------------------------------

as a quick and dirty solution you can use environment variables.
Normally you build a toolkit for a certain Rest interface (or more than only one..) 

In the Environment Variables you now may place the urls, user and password definitions for each environment (default, dev, test, staging, prod)
But take care that you encrypt sensible informations! Do not store plain text (readable) usernames and passwords there!!!

Other users may read them in ProcessAdmin...

------------------------------
Christian Sennewald

Original Message:
Sent: Thu February 16, 2023 04:13 PM
From: Martin Iturbide
Subject: "Script Adapter" - Security while calling REST.

Hi

I usually call some REST services on with javascript inside "Script Adapters" to excute some functionality on the solutions. 

Which is your security technique to don't harcode the user and password to call REST services?
Do you use some global variables to store that information? How do you use a configuration file for it? Any samples on how?

Any samples and links to documentation are always apreciated. 

Regards

------------------------------
Martin Iturbide
Consultant
Next Step C.A.
Quito
------------------------------

Thank you Jens and Christian for the feedback.

I'm  checking both alternatives, but there is a chance there is some "more baked" tutorial or documentation?

I'm learning this and I'm trying to get some samples that allow me to understand it better.

Regards

as a quick and dirty solution you can use environment variables.
Normally you build a toolkit for a certain Rest interface (or more than only one..) 

In the Environment Variables you now may place the urls, user and password definitions for each environment (default, dev, test, staging, prod)
But take care that you encrypt sensible informations! Do not store plain text (readable) usernames and passwords there!!!

Other users may read them in ProcessAdmin...

------------------------------
Christian Sennewald

Original Message:
Sent: Thu February 16, 2023 04:13 PM
From: Martin Iturbide
Subject: "Script Adapter" - Security while calling REST.

Hi

I usually call some REST services on with javascript inside "Script Adapters" to excute some functionality on the solutions. 

Which is your security technique to don't harcode the user and password to call REST services?
Do you use some global variables to store that information? How do you use a configuration file for it? Any samples on how?

Any samples and links to documentation are always apreciated. 

Regards

------------------------------
Martin Iturbide
Consultant
Next Step C.A.
Quito
------------------------------