[basic-auth] Handle password field in Admin API responses #7214
Replies: 3 comments
-
Some properties of SSL should also not be displayed in the API response. Maybe introducing |
Beta Was this translation helpful? Give feedback.
-
I think it makes sense to allow hiding some properties for some plugins. I am not entirely sure about this one tho, as users could think a Consumer does no have a password set when they see such a response. |
Beta Was this translation helpful? Give feedback.
-
See #800 . I left the password field as is, does no harm and doesn't change the response for backward compatibility. The plain text password is only added upon inserting a random generated password in the db. Both fields should be updated in the docs imo. |
Beta Was this translation helpful? Give feedback.
-
The
password
field in a credential should be better handled in the Admin API responses:This could be confusing to users. Another solution would be to include it with a value like
*****
?POST
/PUT
.Beta Was this translation helpful? Give feedback.
All reactions