
Secure ADF v2 Pipeline Parameter String for WebActivity

I have an ADF v2 pipeline with a WebActivity which has a REST POST call to get a JWT access token from the AD token API (https://login.microsoftonline.com/myorg.onmicrosoft.com/oauth2/token).

I have to pass username and password in the body. Right now, I'm using pipeline parameters to pass these with the request, and it is working fine.

username=@{pipeline().parameters.username}
&password=@{pipeline().parameters.password}

But the parameters tab has plain text, which I have to secure.

Now, what options do I have to secure the parameter values I'm using in this pipeline instead of plain text?

I have explored this article: https://docs.microsoft.com/en-us/azure/data-factory/store-credentials-in-key-vault#reference-secret-stored-in-key-vault. But this is to store secrets for data stores. In my web activity I do not have any dataset; it is just a web activity with a REST call.

Any help or pointers would be appreciated. Thanks

Naresh Podishetty asked Aug 02 '18 09:08



1 Answer

I have implemented it a little differently; here is my implementation.

  1. Store your credentials in a storage account of your choice.
  2. Use a Lookup activity in Data Factory.
  3. Use the Lookup activity output for your REST API call.

I hope this will help. In your case you can use something like this:

Create a file generateToken.json:

    {
      "resource": "xxxxxxxxxxxxxxxx",
      "client_id": "xxxxxxxxxxxxxxx",
      "grant_type": "xxxxxxxxxxxxxxxx",
      "username": "xxxxxxxxxxxxxxxxxxx",
      "password": "xxxxxxxxxxxxxxxxxxxx"
    }

If you are concerned about the security of the password, decode your password before you add it to generateToken.json and decode it in Data Factory before you make the REST API call to generate the token, using the Data Factory decodeBase64 function.

Viral

user4332145 answered Sep 26 '22 02:09
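
The lookup-then-call flow from the answer above, sketched as pipeline JSON. This is an added example, not code from the original post: the pipeline, activity and dataset names are hypothetical, the password in generateToken.json is assumed to be stored Base64-encoded, and `secureInput`/`secureOutput` are set so the looked-up values are not written to the activity run logs.

```json
{
  "name": "GetTokenPipeline",
  "properties": {
    "description": "Added example. Names are hypothetical; GenerateTokenJson is assumed to be a JSON dataset pointing at generateToken.json.",
    "activities": [
      {
        "name": "LookupCredentials",
        "description": "Reads generateToken.json; secureOutput hides the row from monitoring output.",
        "type": "Lookup",
        "policy": { "secureOutput": true },
        "typeProperties": {
          "source": { "type": "JsonSource" },
          "dataset": {
            "referenceName": "GenerateTokenJson",
            "type": "DatasetReference"
          },
          "firstRowOnly": true
        }
      },
      {
        "name": "GetAccessToken",
        "description": "Posts the form body to the token endpoint; secureInput hides the body, secureOutput hides the returned token.",
        "type": "WebActivity",
        "dependsOn": [
          {
            "activity": "LookupCredentials",
            "dependencyConditions": [ "Succeeded" ]
          }
        ],
        "policy": { "secureInput": true, "secureOutput": true },
        "typeProperties": {
          "url": "https://login.microsoftonline.com/myorg.onmicrosoft.com/oauth2/token",
          "method": "POST",
          "headers": { "Content-Type": "application/x-www-form-urlencoded" },
          "body": "grant_type=@{activity('LookupCredentials').output.firstRow.grant_type}&resource=@{encodeUriComponent(activity('LookupCredentials').output.firstRow.resource)}&client_id=@{activity('LookupCredentials').output.firstRow.client_id}&username=@{encodeUriComponent(activity('LookupCredentials').output.firstRow.username)}&password=@{encodeUriComponent(decodeBase64(activity('LookupCredentials').output.firstRow.password))}"
        }
      }
    ]
  }
}
```

Base64 is an encoding, not encryption, so anyone who can read generateToken.json can recover the password; access control on the storage account is what protects it in this design.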