TeamDesk Knowledge Base & Support

   Home      FAQ      Forum      Idea Exchange      Ask a Question      My Stuff      Help   
  
Enable Use of Database Variables as Environment Variables in JavaScript
Currently, when writing JavaScript code in TeamDesk that involves making API calls, we are unable to use database variables as environment variables. This limitation requires us to hardcode sensitive data, such as API tokens, directly into the JavaScript code or resort to third-party services to perform the API calls on our behalf.

If we could use the database variables as environment variables, it would give us a secure place to store sensitive data, like API tokens, right within TeamDesk. This change would greatly enhance the security of our API calls by keeping sensitive information out of the code and reducing potential exposure.
ID
2073
Category
Other
Author

Damian
Date Created
8/29/2024 6:32:20 AM
Date Updated
8/29/2024 6:55:34 AM
Status
New Idea
Score
100
Promoted By
LiamLionel Wilsonmarni@farmtrace.co.za
Macky MullerRenier de MeyerJacques
Jonathan SnymanPatricio Bustoswroets@farmtrace.co.za
Damian
Comments
Kirill Bondar  Staff  8/29/2024 6:55:34 AM
Whatever is executed outside your trusted environment should not be considered secure. The browser is not the trusted environment.

If your JavaScript executed in the browser performs an API call with sensitive credentials, it does not matter where they are hardcoded in the script or come from variables.

The hacker can open browser's Development Tools | Network panel and capture API credentials off the network traffic.



Feedback
 
Back to Search Results