cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
alisio_meneses
Quartz | Level 8 alisio_meneses
Quartz | Level 8

Deploy Batch API downloaded from Model Studio without clear text password

Posted 11-29-2022 02:23 PM (797 views)

Hello There.

 

I downloaded a Batch API SAS Code from ModelStudio and it is running fine, but I would like to know if there is a way to call the macro without having the password in clear text as argument. 

 

The following lines illustrates the arguments needed to call the Batch API macro:

 

/* Call the macro */

%let protocol = https;
%let host = sashost;
%let port = 443;
%let username = awesomeuser;
%let password = supersecretpassword;
%let projectId = ohhi-how-are-ya-666;

%vf_new_iteration(&protocol, &host, &port, &username, &password, &projectId);

Thank you!

0 Likes
Reply
3 REPLIES 3
SASKiwi
PROC Star SASKiwi
PROC Star

Re: Deploy Batch API downloaded from Model Studio without clear text password

Posted 11-29-2022 03:06 PM (786 views)  |   In reply to alisio_meneses

You can encode the password using PWENCODE:

proc pwencode in = "supersecretpassword";
run;

Then you use the encoded version in your program: {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8

 

However that doesn't prevent someone else making use of that version for their own purposes if they find it in your program. 

Reply
alisio_meneses
Quartz | Level 8 alisio_meneses
Quartz | Level 8

Re: Deploy Batch API downloaded from Model Studio without clear text password

Posted 11-30-2022 09:35 AM (746 views)  |   In reply to SASKiwi

Hi @SASKiwi, thank you for replying.

 

I've tried using the encoded password but it didn't work. I get authorization error (log attached) if using the encoded password, although it still works fine using the unencoded password;

 

 

/* Encoding password */
proc pwencode in = "supersecretpassword";
run;
/* encoded password: {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8 */ 

/* Call the macro */

%let protocol = https;
%let host = sashost;
%let port = 443;
%let username = awesomeuser;
%let password = {SAS002}709545100D40657D4507094941ACEF7C4652D9232A8E0E4001E3D23059C7D7C8;
%let projectId = ohhi-how-are-ya-666;

%vf_new_iteration(&protocol, &host, &port, &username, &password, &projectId);

Could it be that the literal encoded password is being used?

Is it necessary to 'tell' the funcions/step/proc that an encoded password is in use?

 

macro_call_enc_pwd.log.zip
0 Likes
Reply
SASKiwi
PROC Star SASKiwi
PROC Star

Re: Deploy Batch API downloaded from Model Studio without clear text password

Posted 11-30-2022 03:31 PM (734 views)  |   In reply to alisio_meneses

@alisio_meneses In my experience SAS detects the encoding type based on the contents of the curly brackets. I've never tried this in PROC HTTP but it works fine for other password-required processes.

0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 3 replies
  • ‎11-29-2022 02:23 PM
  • 798 views
  • 1 like
  • 2 in conversation