Versions Compared

Old Version 8

changes.mady.by.user Caleb Miller

Saved on

compared with

New Version Current

changes.mady.by.user Caleb Miller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Secrets are not stored in GitHubyour hosting repository

  2. Secrets are not viewable from the “Edit Check” dialog in ASM

Tip

This how-to tutorial describes how to implement credential masking for Postman checks. However, Cryptify can be used to encrypt credentials for all Scripted check types. If you wish to encrypt credentials using Cryptify for a different kind of Scripted check (Python, Java, etc.), the process is similar to the process followed here: create an environment file with your credentials stored in it, export the environment file to the private agent responsible for running the scripted checks, use Cryptify to encrypt the environment file, and then upload the environment file along with your script to the repository where you are storing the checks.

When the process is followed, secrets can be accessed via Environment Variables and the code on GitHub your hosting repository will look like this:

...

Furthermore, the Edit Check settings page will look like this:

...

Step 1: Add Existing Credentials to

...

Postman Environment

Postman environments allow for the storage of secrets/keys so that they can be re-used/hidden in Postman. By moving your credentials to the Postman environment, you are allowing them to be exported into a format which the Postman check runner will able to read. Here is an example of an Environment we set up in Postman which will store our GitHub credentialsrepository credentials, in this case our ASM API key:

...

You will reference the “variable” in your script as an environment variable. For example, this script uses {{apiKey}} since the variable is apiKey.

Step 2: Export Postman

...

Environment to

...

File

...

Click the Meatballs Menu (three dots positioned horizontally) and select “Export”. Export using the latest JSON schema version.

Step 3: Edit

...

Your Original Postman

...

Collection to

...

Substitute Secrets for Environment Variables

Open your Postman collection file. It will look similar to this:

...

Replace your secrets (e.g. Username and Password) with the environment variables you defined in your Postman collection in the previous step. See {{username}} and {password}} substitutions in the above screenshot.

Step 4: Encrypt

...

Your Postman

...

Environment File

First, install Cryptify onto the private agent which is running your Postman checks using NPM:

...

Of course it is mandatory to replace “file.txt” with your file name and Secret123 with your password. Now, try to open up the Postman environment file. It should look garbled and unreadable. That means the encryption worked. Move the encrypted file back onto your machine so you can upload it to GitHubyour hosting repository.

Step 4: Upload

...

Files to Your Hosting Repository and Populate Fields in ASM Edit Check Settings

The Postman environment file and the Postman file itself should be stored in the same directory. In our example, we stored our Postman collection in /postman relative to my Repository Root which we defined in our Repository Profile:

...