Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[connector builder design] Protect against connector developer accidentally leaking their secrets #20683

Closed
girarda opened this issue Dec 19, 2022 · 2 comments
Closed

[connector builder design] Protect against connector developer accidentally leaking their secrets #20683

girarda opened this issue Dec 19, 2022 · 2 comments
Labels
design/connector-builder team/extensibility

Comments

@girarda
Copy link
Contributor

girarda commented Dec 19, 2022

How can we prevent developers from saving their real production secrets as part of the connector configuration? E.g: how can we prevent someone from saving their API key as part of the connector configuration
@lmossman
Copy link
Contributor

I believe @flash1293 is solving this by hardcoding secret fields to always come from user inputs, as he describes in this PR: #20645

@flash1293
Copy link
Contributor

Exactly, we lose a tiny bit of functionality (the ability to have an interpolated string for the authentication secrets), but IMHO this trade-off is worth it for the UI to make it much harder to accidentally encode secrets where they don't belong

@girarda girarda closed this as completed May 1, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
design/connector-builder team/extensibility
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@girarda @flash1293 @lmossman