Has anyone configured SecZetta as a WebService (REST API) source in IDN? Using token to connect with SecZetta, even if I mention it in source connection settings I need to give token details in header of operations for account aggregation . Authorization :Token token=xxx . Want to avoid this and pass it as encrypted value? if I mention Authorization_CA will it make secure? I also did try creating one more operation custom authentication and using authenticity_token (getting access denied in postman as well)
Warning
When configuring the source, do not hard code sensitive data. If sensitive data is hard coded, it can lead to that data being exposed when moving to a production environment. SailPoint recommends putting sensitive information in the encrypted attribute value list in the application XML and then using the encrypted variable name when configuring the source. For example, if you want to add the custom variable Custom_Variable in the encrypted list, append the variable name in the following list: <entry key="encrypted" value="accesstoken, refresh_token, Custom_Variable"/>
@iam_nithesh . @Kurt_Ramsey Thank you for responding. yes was able to do passing hardcoded token through UI but want to avoid. This is fixed now. Passing in before rule “access token” value the authorization value instead of UI and retrieving it in operations.
If we set the api token in connector settings of source in UI we again need to pass hardcoded token in operations and unable to retrieve using “$application.accesstoken$” so did set this using before rule.