Handle API keys securely

Open on Drupal.org →

Created on 27 January 2023, about 2 years ago

Problem/Motivation

Currently, the Greenhouse API key is stored in configuration. That means it is typically exported to a YAML file and tracked in the repository. API keys should be handled more securely than that.

See Securing Authentication Credentials → in the Security in Drupal guide.

Steps to reproduce

Proposed resolution

Require the Key → module. Use it to manage the API key.

Remaining tasks

User interface changes

API changes

Data model changes

The API key will be managed by the Key module, not stored in site configuration.

📌 Task

Status

Fixed

Version

1.0

Component

Code

Created by

🇺🇸United States benjifisher Boston area

Live updates comments and jobs are added and updated live.

Sign in to follow issues

Comments & Activities

Issue created by @benjifisher
@benjifisher opened merge request.
Comment about 2 years ago →
System Message

benjifisher → committed 9f575556 on 8.x-1.x
Issue #3337076 by benjifisher: Handle API keys securely
Status changed to Fixed about 2 years ago10:39pm 27 January 2023
Comment about 2 years ago →
🇺🇸United States benjifisher Boston area
I borrowed some code from the JSON Web Token Authentication (JWT) → module.
Issue was unassigned.
Comment about 2 years ago →
🇺🇸United States benjifisher Boston area
Comment about 2 years ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024