App Secret should not be visible in DSS settings >> Connections >> Azure Blob Storage connection
gdekruijf
Registered Posts: 2 ✭✭✭✭
In my opinion a visible app secret makes this app registration vulnerable to being used anonymously by anyone who is a admin in Dataiku (and untrusted friends). This field should be saved once, show never. As such, the app secret can only be used from within Dataiku, making any call to the Blob Storage auditable.
Can this be changed in a future release?
Answers
-
Hi,
Sorry for the late response. Thanks for pointing that out. Your request has been added to the backlog and will tackled in a future release.
Regards,
