• This topic has 4 replies, 3 voices, and was last updated August 30, 2024 by .

Secure Credentials for API

  • January 31, 2024 04:35:02 PM

    I am newer to this sort of work. At the moment, we’re manually doing failover tests and gathering info for reports. I’d like to automate this. Following along zerto’s documentation to establish a session from this article, I want to be able to use a securestring generated like:

    $credentials = get-credential

    $credentials.Password | ConvertFrom-SecureString | Out-File $filelocation

    And then using the secure password like:

    $strZVMPwd = Get-Content $filelocation | ConvertTo-SecureString

    Maybe I’d have to write a password into the script, but that’s what I’m trying to avoid, any advice would be appreciated.

    February 8, 2024 07:15:14 PM

    Have you considered using the Windows Credentials manager?  I’m not as good with PowerShell as I am with Python, but I’ve been using the keyring module (python) to pull from credential manager to run scripts without having to plug in a password each time.

    In Keycloak, https://<ZVM-IP>/auth, you set up a client and have it create a password.  Once you’ve set that up on the ZVM, you plug that info into the Windows credentials manager, and then have your script pull the credentials from there.  If you need help, then just reply to this post.  I can help, but like I said, I’m light on PowerShell, but heavy on Python.

    February 8, 2024 08:49:18 PM

    So, I did find a way to do this. I used the zerto powershell module, which allowed me to use a PSCredential for authentication. Thanks for the reply anyway.

    February 8, 2024 09:01:22 PM

    Good news!

    August 30, 2024 03:41:56 PM

    Ensuring secure credentials for API access is crucial, especially for organizations like Impact ERP, where sensitive client data and business processes are managed through our systems. At Impact ERP, we prioritize security and have implemented robust measures to protect API credentials, including encryption and regular audits. This not only helps maintain the integrity of our services but also reinforces our commitment to safeguarding our clients’ data.

The forum ‘Scripting and APIs’ is closed to new topics and replies.