Protect sensitive values

With an increasing number of integrations to external systems, it's not uncommon in AL code to work with secrets such as credentials and other sensitive textual values. These values need to be protected from being revealed through debugging, so debugging was often blocked through resource exposure policies, at the cost of easy troubleshooting.

To support enabling debugging while protecting credentials and other sensitive textual values from being revealed, we're introducing a new SecretText type for variables. In addition, some of the common scenarios in the system app, for example the HttpClient and Isolated Storage types, get support for passing in SecretText parameters for credentials.

The SecretText data type is designed to protect sensitive values from being exposed through the AL debugger when doing regular or snapshot debugging. Its use is recommended for applications that need to handle any kind of credentials like API keys, custom licensing tokens, or similar.

Retrieval

When a credential isn't protected by the NonDebuggable attribute on a procedure scope or in the variable it's contained in, it's vulnerable to being exposed in a debugging session or a snapshot for its entire lifetime in AL code. This lifetime can be split into three distinct phases.

A credential can be retrieved in multiple ways:

  1. An API key is retrieved through a call via the AL HttpClient and then used as authentication for further calls.

  2. A token is fetched through a control add-in implementing an integration with an authentication provider like OAuth2.

  3. A custom developer-defined scenario creates an authentication token.

  4. A developer mistakenly hard-codes a credential in the code for testing purposes and forgets to remove it.

Any value of type Text or Code can be assigned to a SecretText value. If the tokens are retrieved and then converted to a SecretText value in the scope of a nondebuggable procedure, they're protected from the debugger during their lifetime. Furthermore, the AL compiler guarantees that a hardcoded credential can't be assigned directly to a destination of type SecretText.
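
The retrieval pattern described above, as an added example that is not part of the original page or Microsoft's own code: the token is read as Text only inside a NonDebuggable procedure and leaves it as SecretText. The object ID, codeunit and procedure names, the URLs passed in, and the isolated storage key are placeholders.

```al
codeunit 50100 "Secret Token Sample"
{
    // Constructed sample: object ID, names and the storage key are placeholders.

    // Retrieval runs in a NonDebuggable scope, so the plain Text token is never
    // visible to the debugger before it is converted to SecretText.
    [NonDebuggable]
    local procedure RetrieveToken(TokenUrl: Text) Token: SecretText
    var
        Client: HttpClient;
        Response: HttpResponseMessage;
        PlainToken: Text;
    begin
        if not Client.Get(TokenUrl, Response) then
            Error('Token endpoint could not be reached.');
        if not Response.IsSuccessStatusCode() then
            Error('Token endpoint returned status %1.', Response.HttpStatusCode());
        Response.Content().ReadAs(PlainToken);
        Token := PlainToken; // a Text value can be assigned to SecretText
    end;

    // This procedure stays debuggable: it only ever holds the SecretText value.
    procedure CallApi(TokenUrl: Text; ApiUrl: Text) Result: Text
    var
        Client: HttpClient;
        Headers: HttpHeaders;
        Response: HttpResponseMessage;
        Token: SecretText;
    begin
        Token := RetrieveToken(TokenUrl);

        // Isolated Storage accepts the SecretText value directly.
        IsolatedStorage.Set('SampleApiToken', Token, DataScope::Module);

        // Build the header as SecretText so the bearer value is never plain Text here.
        Headers := Client.DefaultRequestHeaders();
        Headers.Add('Authorization', SecretStrSubstNo('Bearer %1', Token));

        if not Client.Get(ApiUrl, Response) then
            Error('API could not be reached.');
        Response.Content().ReadAs(Result);

        // Token := 'hard-coded-key'; // rejected by the AL compiler: a literal
        // cannot be assigned directly to a SecretText destination
    end;
}
```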
