...
In this sample your code is not secured. Anyone with access to the backoffice could see the authorization credentials.
...
Basic security setup
The bot automatically encrypts all the variables ending with _password or _secret. Rename your sensitive variables accordingly:
...
| Code Block |
|---|
headers = {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Authorization': Bot.Bot().GetPasswordConfig("jira_authorization_secret")
}
url = Bot.Bot().GetConfig("one_app_api") + "search?username={email}"
response = requests.get(url, headers=headers) |
Pro : simple
con : password potentially saved in git & once you know the key, you can decrypt them