Best practice to store credentials on file

I’d like some advice on best practices for managing access to credentials, perhaps contained in a file, managed in a TN obviously.
The use case is something like a script that relies on some pass, API token or secret key, and of course I don’t want to expose this kind of data too much, but I also don’t want to lose too much flexibility in managing them.
Just to mention, in Windows (to face the same problem) I use the built-in DPAPI → ConvertFrom-SecureString, and I think it is a great compromise… Those files will only work on the same machine with the same user context (OK, someone could say that it is still not bulletproof, but as I say it is a compromise), so I’m searching for something similar to use in TN but I’m kinda lost :smiley:
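
For reference, the Windows pattern the post describes, written out as an added example that is not part of the original post. The function names `Assert-Windows`, `Save-ApiToken` and `Get-ApiToken` and the file path in the usage comments are hypothetical; the read side fails when the file is opened by a different user or on a different machine.

```powershell
# Added example: DPAPI-protected token file via ConvertFrom-SecureString.
# Function names and the path in the usage comments are hypothetical.

function Assert-Windows {
    # The DPAPI binding to user and machine is specific to Windows.
    if ([System.Environment]::OSVersion.Platform -ne [System.PlatformID]::Win32NT) {
        throw 'DPAPI-backed SecureString export is only available on Windows.'
    }
}

function Save-ApiToken {
    param([Parameter(Mandatory)][string]$Path)
    Assert-Windows
    # Prompt so the token never appears in the script or the command history.
    $secure = Read-Host -Prompt 'API token' -AsSecureString
    # With no -Key/-SecureKey, ConvertFrom-SecureString encrypts with DPAPI
    # under the current user's key on this machine.
    $secure | ConvertFrom-SecureString | Set-Content -LiteralPath $Path -Encoding Ascii
}

function Get-ApiToken {
    param([Parameter(Mandatory)][string]$Path)
    Assert-Windows
    $blob = (Get-Content -LiteralPath $Path -Raw).Trim()
    try {
        # Throws if the blob was written by another user or on another machine.
        $secure = ConvertTo-SecureString -String $blob -ErrorAction Stop
    } catch {
        throw ("Cannot decrypt '{0}' as {1} on {2}: {3}" -f `
            $Path, $env:USERNAME, $env:COMPUTERNAME, $_.Exception.Message)
    }
    # Convert to plaintext only at the point of use (e.g. an HTTP header).
    [System.Net.NetworkCredential]::new('', $secure).Password
}

# Usage (run the first line once, interactively, as the account that runs the script):
#   Save-ApiToken -Path "$env:LOCALAPPDATA\token.dpapi"
#   $token = Get-ApiToken -Path "$env:LOCALAPPDATA\token.dpapi"
```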