How to use secure string in http request activity

Help Activities
, ,
1

I’m making an oauth2 authentication request to retrieve the salesforce api token. I would like to pass this as a secure string in the http request activity, but UiPath does not allow it. This ends up creating a loophole for anyone who has access to the code to obtain these credentials.

Im storaging the credentials in credentials assets.

Is there any other better solution than converting secure string to a string?

This image shows an HTTP Request Wizard configuration screen where parameters are set for a POST request, and there's a highlighted compiler error regarding the incompatibility of the 'SecureString' type with 'String' for the 'client_secret' field. (Captioned by AI)
This image shows an HTTP Request Wizard configuration screen where parameters are set for a POST request, and there's a highlighted compiler error regarding the incompatibility of the 'SecureString' type with 'String' for the 'client_secret' field. (Captioned by AI)1090×837 99.2 KB

image
image1595×528 78.3 KB

2

Hello @Camila_Caldas

Since the HTTP Request activity does not accept SecureString directly, you need to convert the SecureString to a regular String. Here’s how you can do it:

new System.Net.NetworkCredential(“”, yourSecureString).Password

3

Hi, wouldn’t this be a security risk?

I’m looking to do the same and this seems to be the only possible way I came across.

4

Hi @fustian @Camila_Caldas,

Yes you guys are right, as of now, there is no way to provide secure string in http activity.

We also encountered this issue in few other activities along with http activity in 2021 and reported the same to UiPath product team.

We can see that this concern has been addressed for other activities, however, it is yet to be resolved for http activity.

Please refer below thread on same:

@alexandru

Regards
Sonali

1 Like