api-manager icon indicating copy to clipboard operation
api-manager copied to clipboard
verified publisher icon wso2

Possibility of making additional payload parameters as passwords to hide the value via UI

Open riyazathali opened this issue 10 months ago • 0 comments

Current Limitation

Hi Team, There are additional payload parameters which can be configured via the API publisher for the OAuth 2.0 endpoint which are plain and visible via the publisher UI.

The additional payload parameters are expected to be passwords to keep their credentials masked via UI and use them in the endpoint security configs via the API publisher.

Their OAuth 2.0 backend endpoint requires more secure parameters, and so they are expected to be hidden via the publisher, as well as the client's secret.

Suggested Improvement

There is a similar kind of implementation for policy attributes as well to mask the policy attributes as passwords.

Version

APIM 4.2.0

riyazathali avatar Apr 01 '25 08:04 riyazathali