BookmarkSubscribeRSS Feed
alisio_meneses
Quartz | Level 8

Hello There.

 

I downloaded a Batch API SAS Code from ModelStudio and it is running fine, but I would like to know if there is a way to call the macro without having the password in clear text as argument. 

 

The following lines illustrates the arguments needed to call the Batch API macro:

 

/* Call the macro */

%let protocol = https;
%let host = sashost;
%let port = 443;
%let username = awesomeuser;
%let password = supersecretpassword;
%let projectId = ohhi-how-are-ya-666;

%vf_new_iteration(&protocol, &host, &port, &username, &password, &projectId);

Thank you!

3 REPLIES 3
SASKiwi
PROC Star

You can encode the password using PWENCODE:

proc pwencode in = "supersecretpassword";
run;

Then you use the encoded version in your program: {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8

 

However that doesn't prevent someone else making use of that version for their own purposes if they find it in your program. 

alisio_meneses
Quartz | Level 8

Hi @SASKiwi, thank you for replying.

 

I've tried using the encoded password but it didn't work. I get authorization error (log attached) if using the encoded password, although it still works fine using the unencoded password;

 

 

/* Encoding password */
proc pwencode in = "supersecretpassword";
run;
/* encoded password: {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8 */ 

/* Call the macro */

%let protocol = https;
%let host = sashost;
%let port = 443;
%let username = awesomeuser;
%let password = {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8;
%let projectId = ohhi-how-are-ya-666;

%vf_new_iteration(&protocol, &host, &port, &username, &password, &projectId);

Could it be that the literal encoded password is being used?

Is it necessary to 'tell' the funcions/step/proc that an encoded password is in use?

 

SASKiwi
PROC Star

@alisio_meneses In my experience SAS detects the encoding type based on the contents of the curly brackets. I've never tried this in PROC HTTP but it works fine for other password-required processes.

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 3 replies
  • 521 views
  • 1 like
  • 2 in conversation