https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236079#M30858 <P>You should use the Credential Vaults then: <A href="https://docs.dynatrace.com/docs/platform-modules/digital-experience/synthetic-monitoring/general-information/credential-vault-for-synthetic-monitors" target="_blank">https://docs.dynatrace.com/docs/platform-modules/digital-experience/synthetic-monitoring/general-information/credential-vault-for-synthetic-monitors</A></P><P>&nbsp;</P> Thu, 01 Feb 2024 20:16:49 GMT dannemca 2024-02-01T20:16:49Z https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236076#M30856 <P>We want to avoid exposing (or protecting ) user name and password in our synthetic monitor HTTP Requests.</P> Thu, 07 Mar 2024 08:31:29 GMT https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236076#M30856 PraveenYendluri 2024-03-07T08:31:29Z https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236079#M30858 <P>You should use the Credential Vaults then: <A href="https://docs.dynatrace.com/docs/platform-modules/digital-experience/synthetic-monitoring/general-information/credential-vault-for-synthetic-monitors" target="_blank">https://docs.dynatrace.com/docs/platform-modules/digital-experience/synthetic-monitoring/general-information/credential-vault-for-synthetic-monitors</A></P><P>&nbsp;</P> Thu, 01 Feb 2024 20:16:49 GMT https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236079#M30858 dannemca 2024-02-01T20:16:49Z https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236161#M30880 <P>Thank you very much !!</P><P>Continue to the above question: how to use/add/populate the user name and password into my SOAP Header Security Tag from Vault (may be from Azure Key Vault). Example of my SOAP Header with Security Tag</P><P>&lt;soapenv:Envelope xmlns:soapenv="<A href="http://schemas.xmlsoap.org/soap/envelope/" target="_blank">http://schemas.xmlsoap.org/soap/envelope/</A>" xmlns:oas="<A href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd</A>" xmlns:soap="<A href="http://www.XYZ.com/Services/SOAPHeaders" target="_blank">http://www.XYZ.com/Services/SOAPHeaders</A>" xmlns:req="<A href="http://info.XYZ.com/Services/add/Operational/Messages/Request" target="_blank">http://info.XYZ.com/Services/add/Operational/Messages/Request</A>"&gt;<BR />&lt;soapenv:Header&gt;<BR />&lt;wsse:Security xmlns:wsse="<A href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd</A>"&gt;<BR />&lt;wsse:UsernameToken wsu:Id="UsernameToken-24" xmlns:wsu="<A href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</A>"&gt;<BR />&lt;wsse:Username&gt;<STRONG>MYUSERNAME</STRONG>&lt;/wsse:Username&gt;<BR />&lt;wsse:Password Type="<A href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText</A>"&gt;<BR /><STRONG>MYPASSWORD</STRONG><BR />&lt;/wsse:Password&gt;<BR />&lt;wsse:Nonce EncodingType="<A href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" target="_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary</A>"/&gt;<BR />&lt;/wsse:UsernameToken&gt;<BR />&lt;/wsse:Security&gt;</P><P>&nbsp;</P> Fri, 02 Feb 2024 15:09:28 GMT https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236161#M30880 PraveenYendluri 2024-02-02T15:09:28Z https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236164#M30881 <P>You should use the native Credential Vault from Dynatrace to use them into your synthetics.</P><P>Then you can replace the code with your vault like this:</P><P>&nbsp;</P><LI-CODE lang="markup">&lt;wsse:Username&gt;'{CREDENTIALS_VAULT-ID|username}'&lt;/wsse:Username&gt; &lt;wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"&gt; '{CREDENTIALS_VAULT-ID|password}' &lt;/wsse:Password&gt;</LI-CODE><P>&nbsp;</P> Fri, 02 Feb 2024 15:45:28 GMT https://community.dynatrace.com/t5/Open-Q-A/Avoid-exposing-of-User-Name-and-Password-in-Synthetic-Monitor/m-p/236164#M30881 dannemca 2024-02-02T15:45:28Z