question

Upvotes
Accepted
3 0 1 5

RTO password/client secret with EMA

Hello,

My client is currently using EMA with TREP proxy infrastructure including DACS for user permissions.

They will migrate to cloud RTO (so get rid of TREP) and still be using EMA.

All the example series on Github (including 100 consummer application and 113 session management) show that when creating the consumer for real time, it recieves a config object containing the credential (taken from the Welcome Email and generated password) in clear.

With respect to security issues, is there any other way of configuring the credentials in EMA without passing them in clear in the code?

Thanks,

Regards,

Dimitar

#technologyema-apirrto
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

@DimAngelNX

Hi,

Thank you for your participation in the forum.

Is the reply below satisfactory in answering your question?

If yes please click the 'Accept' text next to the reply. This will guide all community members who have a similar question.

Otherwise please post again offering further insight into your question.

Thanks,

AHS

@DimAngelNX

Hi,

Please be informed that a reply has been verified as correct in answering the question, and marked as such.

Thanks,

AHS

Upvotes
Accepted
22k 58 14 21

Hi Dimitar,

The EMA SDK needs username/password which is used in the OAuth Password grant and exchanged for an access token, and this is the only means to do this.

If you are concerned about storing clear text password, your application can take additional steps like encrypt and store the password, and decrypt right before using it.

This article on OAuth grant types might be helpful as well.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
3 0 1 5

Many thanks

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.