This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Keeping API usernames/password secret in a command script

ncarmichael
Rising Star II

โ€Ž03-10-2023 11:01 AM

Some of my PowerShell scripts callout out to things like the Amazon API

How are people tackling keeping usernames/passwords/keys secret for these scripts?

For example, they can be exported in an encrypted form to a companion file (that JC also delivers)

Interested to hear what others have found works well (and what doesn't)

 

 

Labels:
3 REPLIES 3

rlyons
Rising Star III

โ€Ž03-10-2023 11:45 AM

This is a good start.

https://community.spiceworks.com/how_to/157096-how-to-create-a-secure-credential-file-for-use-with-p...

Basically, create an encrypted credential file (as a bonus, place it in a location that only admins can get to), then use the get-credential commandlet to set your credential variables, then use those variables in the script to have it dynamically place the logins at runtime where you need them.

Here's a couple of example links and such:

https://community.spiceworks.com/how_to/157096-how-to-create-a-secure-credential-file-for-use-with-p...

https://interworks.com/blog/trhymer/2013/07/08/powershell-how-encrypt-and-store-credentials-securely... 

0 Kudos

rlyons
Rising Star III
In response to rlyons

โ€Ž03-10-2023 11:46 AM

Interesting. I moved around the links yet when I posted this reply, it still had those top two lines..... Editing on this forum in macOS MS Edge is kinda strange....

0 Kudos

ncarmichael
Rising Star II
In response to rlyons

โ€Ž03-13-2023 05:19 AM - edited โ€Ž03-13-2023 05:21 AM

Interesting, do you find the file-thing works, the first comment on the article you linked says "it must be created on the PC on which the script will be run." which in a  jumpcloud running it across multiple-machines will not be the case?

0 Kudos
You Might Like

New to the site? Take a look at these additional resources:

Community created scripts

Keep up with Product News

Read our community guidelines

Ready to join us? You can register here.