zephyraxis
-
Posts
2 -
Joined
-
Last visited
Content Type
Profiles
Forums
Blogs
Events
Community Tutorials
Store
Posts posted by zephyraxis
-
-
I'm intending on using the OAuth method for authenticating an application with the IG API.
In order to use OAuth, I'm required to post my production account password as plaintext in the body of the request. When using v1 and v2 of the /session endpoint, there is an option to encrypt your password securely. However this option isn't present in v3 for the OAuth method.
I'm hosting this app on Azure, and although the network is safe there are still other production apps running on our subscription and thus the plaintext password could be easily intercepted through our audit logs etc.
Can anyone think of a more secure way of doing this, without using v1 or v2?
Cheers.
- 1
Plaintext password in API (/session v3)
in IG Technical Support - Platform and App Help
Posted
I've since noticed that it's a secure connection requiring SSL, so I've realised this thread shouldn't be much of an issue any more.
Thanks