Home/ Questions/Q 3607516
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-18T21:23:07+00:00

I am implementing an API. I need to provide the username and password for

  • 0

I am implementing an API. I need to provide the username and password for an account the API will connect to.

        profile.APIUsername = "myusername";
        profile.APIPassword = "mypassword";

in the API documentation is has this warning.

/*
         WARNING: Do not embed plaintext credentials in your application code.
         Doing so is insecure and against best practices.
         Your API credentials must be handled securely. Please consider
         encrypting them for use in any production environment, and ensure
         that only authorized individuals may view or modify them.
         */

of course I agree, so how can I secure these and not put plain text in the production code?? Do I store them in a database? but how do I encrypt/decrypt them?
Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can store the username and password in your Web.config file and then encrypt those settings in the Web.config.

    Here’s a simple way to encrypt them: http://odetocode.com/blogs/scott/archive/2006/01/08/encrypting-custom-configuration-sections.aspx

    • 0