Mask Secure Plugin Parameters
Masking secure plugin parameters helps you prevent unauthorized access to sensitive data, enhance clarity and consistency and ensure compliance with regulations.
Oracle considers security one of its main priorities, and therefore continuously evolves applications to comply with higher security standards. To this point, this new feature introduces improvements in the configuration of any secure parameters of plugins. With the 23B update, it will be possible to define parameters containing secure data and mask their values, therefore preventing unauthorized access. The feature solves two challenges:
the situation known as "man behind"inadvertent access to values of secure parameters by other people who have privileges to configure the application
How it works
Let's take a typical example of a plugin interacting with some other system via Oracle Integration Cloud. To make it happen, you have to configure the Client ID of the OIC application as one of the plugin parameters.
When adding this new parameter to a plugin, you should check the "Secure parameter" checkbox identifying that the parameter contains sensitive data. When enabling the checkbox, the application will mask a value of the parameter within the UI, replacing it with a series of "dots".
You'll be able to uncheck the checkbox and verify that the value is correct until you save the configuration of the plugin. Once the configuration is saved, the application will mask the value of the parameter on the following screens:
- "Edit plugin"
- "View parameter"
However, you'll still be able to edit the parameter and change its name and value.