We need to distribute some scripts to execute flows within PAM preferably using SOAP. Example, a field engineer wants to start a process without signing onto the PAM console. So I've written some powershell which makes SOAP calls, but unfortunately, the cleartext ID & password seem to be required fields. So, I'm looking for alternatives to keep this data off the ethernet.
Can the orchestrator run HTTPS?
Is there a method to encrypt the credentials before transmission?
Is there a better way (non-SOAP) which uses the existing signon or authenticates in a way that ensures someone can't reverse engineer a script and use it to execute undesired flows?