Working with api secrets

Hallo,

Within our company we are rethinking our way we handle api and other secrets/keys. We consider a centralized (cloud) storage to manage the keys. But that is not the main issue we are unsure about.

We have the following situation which we are not sure yet on how to resolve:

  • A test plan can have multiple plugin/instruments that require a secret/key
  • User should only be requested once to login (and handle the key/secret retrieval etc.)
  • Ideally the user does not have to login per plugin/instrument

We are considering making a separate plugin to handle all the login and key/secret stuff. And then let this plugin insert them into the instruments that need said keys (not exactly if this is a desired way).

The exact moment when to handle the login is not determined yet. We consider it during the opening of instruments, but we expect issues with instruments using said keys.

Im mainly interested in how others manage their keys/secrets inside OpenTap/testplans. Or what an approach would be to achieve our goal.

Thanks in advance.