Sometimes you need to use credentials to send an API request or to log in to an external database or system. In terms of security it is essential to be able to work with sensitive data while making it invisible to users and developers.
Credential definitions
The credentials are expected to be stored in the kbot.conf configuration files. These files might exist on multiple levels, providing settings specific to a particular bot instance, or shared between multiple instances. The configuration files are typically edited by customers in the DevOps > Deployment view:
...
...
Automatic encryption
When you click on the Apply button, all the passwords and secrets are automatically encrypted. The rule is that any variable name ending with _password or _secret is encrypted.
...
...
Insecure setup
Here is an example of typical configuration data:
```
# App Integration
one_app_api = https://one-app.company.com/rest/api/v2/
one_app_authorization = Basic amlyYWlsjflskjdf
```
You can use it in a workflow node (such as the Web Service node), or in a Python script:
```python
import requests

headers = {
    'Accept': 'application/json',
    'Content-Type': 'application/json',
    # Key name as defined in the configuration above; the value is stored in clear text
    'Authorization': Bot.Bot().GetConfig("one_app_authorization")
}
url = Bot.Bot().GetConfig("one_app_api") + "search?username={email}"
response = requests.get(url, headers=headers)
```
In this sample your code is not secured. Anyone with access to the backoffice could see the authorization credentials.
Secure setup
The bot automatically encrypts all the variables in the configuration files whose names end with _password or _secret. Rename your sensitive variables accordingly:
```
# App Integration
one_app_api = https://one-app.company.com/rest/api/v2/
one_app_authorization_secret = Basic amlyYWlsjflskjdf
```
When saved, the file looks like this:
```
# App Integration
one_app_api = https://one-app.company.com/rest/api/v2/
one_app_authorization_secret = JZVf4hamtMf1+WOEBe2X+XG4zRCbD5su+P8FnCo7YutJE2nxSWp7Qq5d9Ycu9qVn=
```
To retrieve the data you need, use GetPasswordConfig:
```python
import requests

headers = {
    'Accept': 'application/json',
    'Content-Type': 'application/json',
    # Key name as defined in the configuration above; the stored value is encrypted
    'Authorization': Bot.Bot().GetPasswordConfig("one_app_authorization_secret")
}
url = Bot.Bot().GetConfig("one_app_api") + "search?username={email}"
response = requests.get(url, headers=headers)
```
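A pre-deployment check for the naming rule, as an added example that is not part of Kbot or of the original page: it flags settings that look like credentials but whose names do not end in _password or _secret, so they would be saved unencrypted. It goes beyond the page's single example by also catching credentials embedded in URLs. Assumptions: the `name = value` layout shown in the configuration samples, the keyword and value patterns, and the constructed `db_url` sample line.

```python
import re

# Suffixes the page says trigger automatic encryption on Apply.
ENCRYPTED_SUFFIXES = ("_password", "_secret")
# Assumption: name fragments that usually indicate a credential.
SENSITIVE_NAME = re.compile(r"(passw|secret|token|auth|api_?key|credential)", re.I)
# Assumption: value shapes that usually indicate a credential.
SENSITIVE_VALUE = re.compile(r"^(Basic|Bearer)\s+\S+|://[^/\s:@]+:[^/\s@]+@", re.I)


def parse_conf(text):
    """Yield (line_no, name, value) for each 'name = value' line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        yield line_no, name.strip(), value.strip()


def find_unprotected(text):
    """Return settings that look sensitive but will not be auto-encrypted."""
    findings = []
    for line_no, name, value in parse_conf(text):
        if name.lower().endswith(ENCRYPTED_SUFFIXES):
            continue  # covered by the naming rule
        reasons = []
        if SENSITIVE_NAME.search(name):
            reasons.append("name")
        if SENSITIVE_VALUE.search(value):
            reasons.append("value")
        if reasons:
            findings.append((line_no, name, reasons))
    return findings


# Constructed sample input, modelled on the page's configuration example.
SAMPLE = """\
# App Integration
one_app_api = https://one-app.company.com/rest/api/v2/
one_app_authorization = Basic amlyYWlsjflskjdf
one_app_authorization_secret = Basic amlyYWlsjflskjdf
db_url = postgres://svc:hunter2@db.internal/app
"""

if __name__ == "__main__":
    for line_no, name, reasons in find_unprotected(SAMPLE):
        print(f"line {line_no}: {name} looks sensitive ({'+'.join(reasons)}); "
              f"rename with one of {ENCRYPTED_SUFFIXES}")
```

Run it against a kbot.conf before clicking Apply; any reported name should be renamed and the calling code switched from GetConfig to GetPasswordConfig.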
...