Encoding and encrypting token request values

This system requires that specific fields in the token request body be encoded or encrypted before being sent. This example demonstrates both techniques applied to different fields: the username is base64-encoded, and the password is AES-encrypted.

Both techniques operate on the field’s value only — the key name is never encoded or encrypted.

Configuration

This scenario requires only a change to the request schema file. For background on these schema flags, see Encode a field value and Encrypt a field value.

Request schema

Set encode: true on the username field to base64-encode its value before the request is sent.
Add an encrypt object with type and key to the password field to AES-encrypt its value. Encryption only applies when a key is provided. Currently, AES is the only supported encryption type.

1 {
2   "$id": "oAuthTokenRequest.json",
3   "type": "object",
4   "schema": "http://json-schema.org/draft-07/schema#",
5   "translate": true,
6   "dynamicfields": true,
7   "properties": {
8     "ph_request_type": {
9       "type": "string",
10       "description": "type of request (internal to adapter)",
11       "default": "getToken",
12       "enum": ["getToken"],
13       "external_name": "ph_request_type"
14     },
15     "username": {
16       "type": "string",
17       "description": "username to log in with",
18       "encode": true,
19       "external_name": "username"
20     },
21     "password": {
22       "type": "string",
23       "description": "password to log in with",
24       "encrypt": {
25         "type": "AES",
26         "key": "myspecialkey"
27       },
28       "external_name": "password"
29     }
30   },
31   "definitions": {}
32 }