Hi @lina ,
Overall it would be better practice to create a service account with limited permissions to that particular project in JIRA and use that API token instead of the one linked to your personal account.
https://community.atlassian.com/t5/Confluence-questions/API-Key-permission/qaq-p/1207626
While there is no functionality to use a secret directly in the webhook of the scenario.
You can create a python step and set a scenario variable. This wouldn't necessarily add additional security other than the fact that collaborators on the project would not see the secret directly in the UI for the Webhook.
This would also means that the "Run as" must be set to your actual user. Otherwise retrieving the secret would fail.
Here is a sample code you can use in the python step in the scenario to set the scenario from the value of your secret. In the webhook headers, you can use ${jira_api_secret}.
import json
import dataiku
from dataiku.scenario import Scenario
client = dataiku.api_client()
auth_info = client.get_auth_info(with_secrets=True)
print(auth_info)
# retrieve the secret named "credential-for-my-api"
secret_value = None
for secret in auth_info["secrets"]:
if secret["key"] == "credential-for-my-api":
secret_value = secret["value"]
break
if not secret_value:
raise Exception("secret not found")
Scenario().set_scenario_variables(jira_api_secret=secret_value)
Hope this helps!
