Hide my Octopus API key in powershell script

Asked Nov 05 '19 at 12:14

Active Nov 05 '19 at 12:14

Viewed 669 times

I am using my octopus API key in a powershell script. Is there a way to hide the key. I am hardcoding it in the below command.

At the moment I have hardcoded the API key into my script. I would prefer if I could use a way of hiding it and maybe getting the APIKEY from the location it is stored. Is there anything like this in Powershell?

ConvertJsonToFile "C:\Users\90L6\Downloads\express-ordering-web- 
variables.json" "C:\Users\QVL6\Downloads" "http://octopus.elims- 
nglocal/api" "API-TYUYDHICUWS6RTURGDHBN789789"

asked Nov 05 '19 at 12:14

hankey39

1

You could use ```ConvertTo-SecureString``` to encrypt the string and store it on disk, and then use ```ConvertFrom-SecureString``` to decrypt it. On Windows, this uses the Windows Data Protection API by default if you don't specify an encryption key (see https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/convertfrom-securestring?view=powershell-6), which from my understanding means that only the user who encrypted the original string can decrypt it, and only on the machine where it was encrypted. – mclayton Nov 05 '19 at 13:09
Why, respectively from what/whom, do you want to hide the key? – J. Bergmann Nov 05 '19 at 13:14

Hide my Octopus API key in powershell script

0 Answers0