wibeasley
commented
5 months ago Yes, it does conform. Do these passages address your question? (Are you completing a security review?)
From the home page:
The REDCapR package includes the SSL certificate retrieved by httr::find_cert_bundle(). Your REDCap server’s identity is always verified, unless the setting is overridden (alternative certificates can also be provided).
Also see the SSL/TLS section of the Advanced REDCapR Operations vignette.
Dear REDCap R developers.
Thanks for a great package. I use it to pull down data from REDCap always.
In the REDCap API documentation, I found this text:
"One thing that is highly recommended is for your API script/program (i.e. the thing making the request to the REDCap API) to validate the SSL certificate of the REDCap web server when it makes the API request."
While I see you do something related to SSL certificates, I am not sure exactly what.
Can you confirm that redcap_read() conforms to the above security recommendation listed in REDCap?
Best regards, Maibritt