AnsweredAssumed Answered

SOAP Security

Question asked by rob.mccoy on Apr 25, 2014
Latest reply on Apr 29, 2014 by Tom_Kouhsari

We need to distribute some scripts to execute flows within PAM preferably using SOAP. Example, a field engineer wants to start a process without signing onto the PAM console. So I've written some powershell which makes SOAP calls, but unfortunately, the cleartext ID & password seem to be required fields.  So, I'm looking for alternatives to keep this data off the ethernet.

Can the orchestrator run HTTPS?

Is there a method to encrypt the credentials before transmission?

Is there a better way (non-SOAP) which uses the existing signon or authenticates in a way that ensures someone can't reverse engineer a script and use it to execute undesired flows?