When creating API statements using the wizard or command approach, you may want to include confidential information, such as authentication tokens or passwords, in various parts of the API request. To protect this sensitive information, you can use encrypted values.
How to pass encrypted values
To pass an encrypted value in an API call, follow these steps:
-
Click on Resources in the left-navigation menu, and then click on Tools > Encrypt Text.
-
Enter the confidential information you want to encrypt and click Encrypt.
-
Copy the encrypted value.
-
In the API request, include the encrypted value with a "$encr:" prefix (in the format "$encr:<encrypted value>").
API information where encrypted text is accepted
You can pass encrypted values in the following parts of an API request:
-
Query parameters in the endpoint URL: For example, if you want to pass an encrypted value for the "apikey" query parameter, you would include "?apikey=$encr:<encrypted value>" in the endpoint URL.
-
Headers: For example, if you want to pass an encrypted value for the "Authorization" header, you would include "Authorization: $encr:<encrypted value>" in the headers section of the API request.
-
Form-data fields: For example, if you want to pass an encrypted value for a "password" field, you would include "password=$encr:<encrypted value>" in the form-data payload.
-
The entire request payload passed as one string: For example, if you want to pass an encrypted value for the entire request payload, you would include "$encr:<encrypted value>" as the request payload.
By using encrypted values, you can help protect confidential information from being saved or displayed in plain text in your Action logic, or in the test reports.
Comments
0 comments
Please sign in to leave a comment.