Using secrets in Tasks

babelforce provides an Task Automation API with which secrets can be stored in vault so that they are not accessible in plain text.

• These secrets can be used in actions with the "secret" keyword in handlebars.

• Also these secrets are now replaced with ***** in all logs.Examples how to use these:

Creating a secret:

curl -X 'POST' \
  'https://{{env}}.babelforce.com/api/v3/tasks/configurations/secrets/MyPrefix' \
  -H 'Content-Type: application/json' \
  -h 'Authorization': 'Bearer xxxx' \
  -d '{
  "token": "Bearer tx1iA.B6.Q+Q/Uj3K?XD5EpgxDh--1mia*****", "foo": "bar"
}'

Note: MyPrefix in the path & token in the request body are in consumer control. They will be used later on in the action to reference the secret.

Using a secret in an action:

{
  "type": "some.type",
  "body": {
    "integrationId": "123456789",
    "action": "aTestAction"
  },
  "task_completion": {
    "autoComplete": true
  },
  "selection_settings": {
    "enable": false
  },
  "scheduled_at": "now",
  "actions": {
    "on_scheduled": [
      {
        "http": {
          "var": "test",
          "url": "{{env.babelforce.url}}/api/v2/integrations/{{task.body.integrationId}}/dispatch/{{task.body.action}}",
          "method": "POST",
          "header": {
            "Authorization": "{{secret.MyPrefix.token}}",
            "Content-Type": "application/json"
          },
          "body": "{{secret.action}}"
        }
      }
    ],
    "settings": [
      {
        "transitions": "on_scheduled",
        "async": false
      }
    ]
  }
}

In this example, the handlebar in the Authorization header will be replaced with value of the token, while the body will be replaced with an object containing all the secrets keys we have stored.
The Authorization header will look like Authorization: Bearer tx1iA.B6.Q+Q/Uj3K?XD***/zE1hGM
While the Body will look like:

 {
   "token": "Bearer tx1iA.B6.Q+Q/Uj3K?XD5EpgxDh--1miam0x?FpT0FPoVv1.pSDgf-***/zE1hGM",
   "foo": "bar"
}