tmo-monitor
tmo-monitor copied to clipboard
Credential Reuse
Provide method(s) for credentials to be re-used.
Because web api authentication uses hashing and app api authentication uses cleartext passwords, cannot simply just use hashed value.
Options include storing password in cleartext or encrypted at rest and providing the decryption key at runtime, e.g. with an environment variable. If storing in cleartext, should ensure read permissions are as strict as possible.