Variables are special tokens which associate a value to a unique key, under which the variable is accessible. Their primary purpose is to abstract configuration details from their tasks. The abstracted properties can include both sensitive data (like credentials, password, tokens and connection strings) and non-sensitive data (public tokens, options, URLs etc.).
A variable can be of one of the following types:
•Normal variable - is displayed to the end user in an open-text way, and the user can change its value with a text input. Variables of this types are good use for a data which does not contain sensitive information, including but not limited to credentials.
•Protected variables - are always masked with password characters, and the real value is never transmitted to the UI. This type of variables should be used for password, tokens and other credentials, where it is vitally important to hide their content from application users. The users can always change their value, but once the value is saved no one is able to retrieve it back.
|
Note: Protected or not, variables of both types are always stored encrypted in the database, using tenant-specific encryption key. |
