Sapien Credential feature

Ask your PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 1 year and 11 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
mattys
Posts: 62
Last visit: Wed Dec 27, 2023 8:28 am
Has voted: 3 times

Sapien Credential feature

Post by mattys »

I want to to use the Sapien credential feature and use the secure strings for API requests.

How do I place the SecureString object containing the password(Refresh token in this case) into these double quotes? In this example the refresh token.
  1.     $params = @{
  2.         Uri  = 'https://accounts.google.com/o/oauth2/token'
  3.         Body = @(
  4.            
  5.             "refresh_token=$($SAPIENHost.GetPasswordString(0))",
  6.             "client_id=123clientid.apps.googleusercontent.com",
  7.             "client_secret=123clientsecret",
  8.             "grant_type=refresh_token"
  9.         ) -join '&'
  10.         Method = 'Post'
  11.         ContentType = 'application/x-www-form-urlencoded'
  12.     }
  13.     $accessToken = (Invoke-RestMethod @params).access_token
  14.    
  15.     # Set the authentication headers
  16.     $headers = @{
  17.         'Authorization' = "Bearer $accessToken"
  18.         'Content-type'  = 'application/json'
  19.     }
  20.    
My API request works if I hard code the values...

I appreciate any help or thoughts. Thank you for your time.
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Sapien Credential feature

Post by jvierra »

I don't see how you can use a Windows secure string as a token for Google. I suggest posting in the Google developers forum for help with the Google APIs.
mattys
Posts: 62
Last visit: Wed Dec 27, 2023 8:28 am
Has voted: 3 times

Re: Sapien Credential feature

Post by mattys »

jvierra,
So there is no way to use the Windows secure string as a string in powershell?
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Sapien Credential feature

Post by jvierra »

You are using it as a string. Have you looked at the contents of the hash?
User avatar
Alexander Riedel
Posts: 8472
Last visit: Mon Mar 18, 2024 2:59 pm
Answers: 19
Been upvoted: 37 times

Re: Sapien Credential feature

Post by Alexander Riedel »

SecureString is a .NET type, which means you can only use it within PowerShell where a parameter expects a SecureString.
For any API expecting a string, you have to use, well, a string.
Our credentials in resources can retrieve your passwords as a string or as a securestring for that reason.
If you need to keep the password around in your script for repeated use, I would recommend to use a securestring
and only convert it to a string when needed.
E.g. with plainStr = new System.Net.NetworkCredential(string.Empty, secureStr).Password
Set plainStr back to NULL when done using it to minimize exposure time.
Alexander Riedel
SAPIEN Technologies, Inc.
This topic is 1 year and 11 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked