Confidential Data Storing in Aras
Hi All ,
What would be the ideal way to store values in Aras that are confidential.
Example : I am calling an url from within an Aras Method and I do not want to expose the URL value in my Method...
Forum Discussion
Hi Shruti,
unfortunately Aras doesn´t offer much information regarding secure design. But these kind of scenarios were you need extended security are pretty common.
The solution depends on your Method type (JS/C#).
For C# Method I asked a similar question some time ago in a previous Github project of mine. I got recommend to store the data in the InnovatorServerConfig instead of the Method: https://github.com/AngelaIp/add-ssrs-reports-to-vault/issues/1
It should be possible to add some kind of additional encryption on top.
For JS you could autogenerate the value on demand. It´s not as secure as storing data at the server. I mainly use this technique for spam protection.
If you discovered a better variant, I would be happy to know!
