search

postmanlabs / postman-app-support

Postman is an API platform for building and using APIs. Postman simplifies each step of the API lifecycle and streamlines collaboration so you can create better APIs—faster.
https://www.postman.com
5.82k stars 837 forks source link

Allow field in Environments to be protected (To secure API key and Secrets) #11676

Open saykharng opened 1 year ago

saykharng commented 1 year ago

Is there an existing request for this feature?

Is your feature request related to a problem?

Yes. Currently when we create an Environment and add API key and secret, everyone who has access to the environment can view and copy these details.

However, most the of the users just need to be able to send request and view response only.

This feature will help us protect fields like API Key & Secret. I think console.log also needs to be blocked for protected fields.

Describe the solution you'd like

Allow users to make the field in environment protected.

Describe alternatives you've considered

No response

Additional context

No response

prabhay759 commented 1 year ago

I am also looking forward to this feature

stevenrobson commented 10 months ago

I also hope this becomes a feature. Sharing passwords and secrets in plain text with everyone that is part of a team is not secure. Anyone can click the eyeball and get my credentials. It would also be nice to have the option to save secret variables locally so that other team members using the same environment have to fill in their own.