Uploaded image for project: 'Serverless logic'
  1. Serverless logic
  2. SRVLOGIC-11

[core] Workflow secrets and authentication


    • Icon: Feature Feature
    • Resolution: Done
    • Icon: Critical Critical
    • 1.24.0
    • None
    • serverless-workflow
    • None
    • False
    • None
    • False
    • 2022 Week 32-34 (from Aug 8)


      It’s possible to retrieve and freely look inside the workflow definition. Therefore sensitive information needs to be stored securely. Service call authentication is a common use case when we need to use secret passwords and authentication tokens.


      Enable use of externally stored secrets


      As a developer, I need to store secrets such as passwords in a secure vault in order to use those secrets in service calls for authentication.

      As a developer, I want to use environment variables in my expressions / external calls so that I don’t have to hard code constants in my workflow.

      Expected outcomes

      Workflows can access environments variables

      Workflows can use secrets from secured vaults

      Externally stored secrets can be used in workflows for service call authentication

      Workflows operation functions can use basic authentication

      Workflows operation functions can use bearer tokens

      OAuth2 authorization flow is out of scope of this requirement (tracked separately)

            rhn-support-zanini Ricardo Zanini Fernandes
            ibek1@redhat.com Ivo Bek
            0 Vote for this issue
            4 Start watching this issue