What is the Mendix best practise for storing passwords one needs for calling 3rd party rest services.
3
Hi there What is the Mendix best practise for storing passwords one needs for calling 3rd party rest calls. We integrate with many systems and we want to let the users setup there own options of integrations and licensing options. We dont necassary want to show the passwords that have been entered. If we use hash string we cant use it for the passwords in the rest calls. Ive read through other questions on the forum, and it looks like i must use encryption to encrypt and decrypt the password or just not show it unless it needs to be changed. So the questions is…. Is there a best practise to use, that is easy and fast to store passwords securely? Regards, Patrick
asked
Patrick Gerardi
2 answers
5
Hi Patrick,
You could use the encryption module to encrypt and decrypt user submitted passwords in the database.
Please note that if you set the encryption key in a constant and commit the value to the team server all developers that have access to the repository will see this key!