Secure ADF v2 Pipeline Parameter String for WebActivity

Question

I have ADF v2 Pipeline with a WebActivity which has a REST Post Call to get Jwt Access token from AD token API (https://login.microsoftonline.com/myorg.onmicrosoft.com/oauth2/token)

I have to pass the username and password in the body. Right now, i'm using pipeline parameters to pass these with the request and is working fine.

username=@{pipeline().parameters.username}
&password=@{pipeline().parameters.password}

But, the parameters tab has plain text which i have to secure.

now, what options do I have to secure the parameter values I'm using in this pipeline instead of plain text.

i have explored this article https://docs.microsoft.com/en-us/azure/data-factory/store-credentials-in-key-vault#reference-secret-stored-in-key-vault But, this is to store secrets for data stores. In my web activity, I do not have any dataset. it is just a web activity with rest call.

Any help or pointers would be appreciated. Thanks

Answer 1

Try something like this

create a file generateToken.json  { "resource":"xxxxxxxxxxxxxxxx", "client_id":"xxxxxxxxxxxxxxx" "grant_type":"xxxxxxxxxxxxxxxx" "username":"xxxxxxxxxxxxxxxxxxx" "password":"xxxxxxxxxxxxxxxxxxxx" }

In case you have concern about security of password, decode your password before you add to the generateToken.json and decode at data factory before you make rest api call to generate token using data factory decodeBase64 function.

In case, you can implement this as well:

1. First, you need to store your credential in storage account.
2. Use the lookup activity in data factory.
3. Use the lookup activity output for your rest API call.

I hope this will help.