Has anyone used the new-ish Secrets Management? Sh...
# suitescript
c
Has anyone used the new-ish Secrets Management? Should be able to read back a password but none of the supported APIs seem to just read back a password.
b
its just a prettier way of using guids
none of netsuite's credential related apis allow you to read the password
it just offers ways of using that password with its api's
c
Ah understood thanks
b
its usually sufficient as long as you dont need to do something which requires dynamic secret keys
things like aws SigV4 fail miserably since netsuite's apis dont let you compute secret keys
s
yeah, I could only do a SigV4 request with pulling the secret key from a locked down Custom Record, I’m not aware if there is a better way.
c
I was just trying to not store API keys in plaintext so I could just use that API and store the API keys and make a call using encrypted credentials.
it doesn't work that way so custom record is an OK option
Seems like they could easily make it work like that though. Would be nice to have a singleton style manager I could use and not worry about the plaintext issues
b
thats kinda how you use the secrets
you tell N/https where to place the secret and it put it there when it sends the request out
its designed so that you cant actually log the secret
c
yeah I don't care about seeing it in logs that makes total sense. The actual API calls is where the documentation lost me
b
if it helps, N/https treats all strings in parameters as templates where expressions in it are replaced with the specified secret/guid
s
API cannot read the password but you can send a http request to External Suitelet or any other http server you have and expose the credential through header
so better set the secret correctly so it can't be used against any website