Protecting API test assets by using secrets
Secrets are key-value pairs that are created for your project in HCL DevOps Test Hub (Test Hub) under a classification. You can create classifications for your project that enable you or members of your project to use secrets at test runtime, either in Test Hub or in HCL DevOps Test Integrations and APIs (Test Integrations and APIs).
The secrets in a project in Test Hub maintain a separate access control list that is managed by the members with access to the secrets added to the classification. Controlling access to secrets means controlling access to applications and systems under test. The introduction of secrets under a classification for a project simplifies managing access to separate environments. If a member of a project does not have access to a secret, for example, a server credential, then the member cannot accidentally or intentionally run tests against that server. For example, tests that must access the database server by using the server credentials to retrieve stored data can be run by a member only if access to the secrets is granted.
Note: Secrets are applicable to test assets created in Test Integrations and APIs that facilitates running tests
in defined environments. Secrets are not applicable to tests created in Test UI or Test Performance.
As a project member with the Owner or Tester role, you can add secrets to the classification in the project. You can grant or restrict access to the secrets that you added to the classification in the project.
Members with access to a secret classification can access, view, edit, or delete the secrets in Test Hub.
Members are granted Read access to the classification at the role level, while Read and Write access can be provided to specific members.
Members in the project with the Owner or Tester role and with access to the secrets can use the secrets in tests at runtime.
If you are configuring a project to run an API Suite with tests that refer to secret values, you must configure the secrets under a classification by using the Add Secret option on the Security page. You must complete the following tasks:
- Create a classification. See Creating a classification.
- Add secrets in the classification. See Creating a secret in a classification.
- Grant access to project members or member roles, who can access the secrets. See Granting access to members or member roles.