Is there a way to do REST calls without passing in the password in clear text? I can't find anything other than using the settings.cfg file and you still have to put the password in as plain text. It's simple enough to hash a password and it should be simple enough to add an API key but I can't seem to find anything in the documentation.
Solved! Go to Solution.
What are you using to send REST calls?
I use postman and it does not type passwords in clear text.
It's a Python script and it's not interactive. It's scheduled to kick off once a day. I'd just prefer not to have the password sitting in plain text on the server.
What do you think about having a file with the credentials that only your user has access to?
username = "xy"
password = "abcd"
Since this is more of a API "flaw" and not VPLEX specific Im not sure what VPLEX could add on its roadmap. This is no different than if you tried to do API calls to your array under VPLEX.
I wouldn't call it a flaw so much in that over the wire communications are secured through HTTPS. I guess I thought maybe something like an API key or somehow have the system accept a hash instead of a clear text password. Thanks for replying.