There has been a lot of discussion recently around the challenges in deploying sensitive values (credentials, tokens, etc.) to specific processor properties.
- Expression Language does not support sensitive variables
- Sensitive properties do not support Expression Language
- Sensitive properties can only reference sensitive parameters
- Sensitive properties can only reference a single sensitive parameter
- Sensitive parameters cannot be operated on by Expression Language
- Sensitive properties which require constructed input (i.e. Authorization: bearer ABCDEF... header) require the sensitive parameter to contain format information separate from the sensitive value
- Sensitive parameters cannot be automatically populated by an external source
Please comment on this ticket with any additional requirements or challenging user experiences to inform the next set of decision-making around the sensitive parameter experience.