Hi all,
I'm on PI 7.4 AEX and have the following scenario: ERP (Proxy) --> PI --> CRM (SOAP).
Unfortunately our legacy CRM system needs to have username and password nodes within payload. Example request:
<?xml version="1.0" encoding="UTF-8"?>
<request user="JohnDoe" pwd="verySecret">
<import extsystem="" catbynum="1">
<fields>
<field1>value1</field1>
<field2>value2</field2>
</fields>
</import>
</request>
The communication will be in-house and via HTTPS, so generally, should be ok, from a security perspective.
However, where would you store the user credentials and how to retrieve on PI. Following restrictions would need to be applied
- Receiver interface cannot be changed, must use those user / pwd nodes in payload
- Username and password should not be hardcoded like as a constant within mapping
- Password need to be stored in a secure manner
- Ideally existing user management (either on PI or on ERP) would be used, so that even some "PEBCAK admnisitrator" like myself can change the password easily (optional requirement, though)
Any inputs are really appreciated.
Many thanks and kind regards
Jens