cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
alisio_meneses
Obsidian | Level 7 alisio_meneses
Obsidian | Level 7

Deploy Batch API downloaded from Model Studio without clear text password

Posted 11-29-2022 02:23 PM (217 views)

Hello There.

 

I downloaded a Batch API SAS Code from ModelStudio and it is running fine, but I would like to know if there is a way to call the macro without having the password in clear text as argument. 

 

The following lines illustrates the arguments needed to call the Batch API macro:

 

/* Call the macro */

%let protocol = https;
%let host = sashost;
%let port = 443;
%let username = awesomeuser;
%let password = supersecretpassword;
%let projectId = ohhi-how-are-ya-666;

%vf_new_iteration(&protocol, &host, &port, &username, &password, &projectId);

Thank you!

0 Likes
Reply
3 REPLIES 3
SASKiwi
Opal | Level 21 SASKiwi
Opal | Level 21

Re: Deploy Batch API downloaded from Model Studio without clear text password

Posted 11-29-2022 03:06 PM (206 views)  |   In reply to alisio_meneses

You can encode the password using PWENCODE:

proc pwencode in = "supersecretpassword";
run;

Then you use the encoded version in your program: {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8

 

However that doesn't prevent someone else making use of that version for their own purposes if they find it in your program. 

Reply
alisio_meneses
Obsidian | Level 7 alisio_meneses
Obsidian | Level 7

Re: Deploy Batch API downloaded from Model Studio without clear text password

Posted 11-30-2022 09:35 AM (166 views)  |   In reply to SASKiwi

Hi @SASKiwi, thank you for replying.

 

I've tried using the encoded password but it didn't work. I get authorization error (log attached) if using the encoded password, although it still works fine using the unencoded password;

 

 

/* Encoding password */
proc pwencode in = "supersecretpassword";
run;
/* encoded password: {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8 */ 

/* Call the macro */

%let protocol = https;
%let host = sashost;
%let port = 443;
%let username = awesomeuser;
%let password = {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8;
%let projectId = ohhi-how-are-ya-666;

%vf_new_iteration(&protocol, &host, &port, &username, &password, &projectId);

Could it be that the literal encoded password is being used?

Is it necessary to 'tell' the funcions/step/proc that an encoded password is in use?

 

macro_call_enc_pwd.log.zip
0 Likes
Reply
SASKiwi
Opal | Level 21 SASKiwi
Opal | Level 21

Re: Deploy Batch API downloaded from Model Studio without clear text password

Posted 11-30-2022 03:31 PM (154 views)  |   In reply to alisio_meneses

@alisio_meneses In my experience SAS detects the encoding type based on the contents of the curly brackets. I've never tried this in PROC HTTP but it works fine for other password-required processes.

0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Watch CLI in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 3 replies
  • ‎11-29-2022 02:23 PM
  • 218 views
  • 1 like
  • 2 in conversation