Securing Iparams credentails and accessing using template syntax (<%= iparam.name %>)

I am trying to call an API. The API contains credentials (password) in the URL so I tried to secure that password using the template syntax. Having credentials in the URL is not the best practice since we are trying to integrate one of the customer’s systems we have no other option.

This is how I tried:

client.request.get("https://domain.com/user/<%= iparam.password%>").then(
 (data) => ​{ console.log(data); }, 
​(err)=>{ console.log(err);  });

I am using the default installation parameter page, In the iparams.json config file, I have set secure attribute to true.

 "password": {
    "display_name": "Enter password",
    "description": "Please enter the password",
    "type": "text",
    "secure":true
    "required": true
  }

When I run the app request API call fails. When I debugged the issue, I found that the password was not substituted (<%= iparam.password%>) in the URL.

Am I missing anything? Can we access secured iparams fields in the URL? Is this supported?

Hi Amaresh,

Hope you are doing good.

Can you try by re-writing your request in the below format?

client.request.get(“https://domain.com/user/<%= iparam.password %>”).then(function(data) {
console.log(data);
}).catch(function(error) {
console.log(error)
});

Let me know if it doesn’t work.

Regards,
Mughela chandresh