I’m using Code by Zapier to connect with an API that isn’t explicitly integrated with Zapier. I make a JavaScript call to the API, but the problem is that doing it this way leaves the API key stored in plain text in the zap. Is this not the intended use of Code by Zapier? Is there a workaround or some other step that I’ve missed in order to secure the authentication for the other API?
Thanks @Troy Tessalone. The Webhooks app seems particularly useful for some use cases. I do see where I can add the API key to the headers, but again, it isn’t evident to me that this information will be encrypted like passwords. I assume that the headers of the Webhooks zap will be stored somewhere in Zapier’s system in plain text. The security and compliance article you linked also implies that it might be visible through the “comprehensive” logs as well. I’m happy to have my understanding corrected, but I’m concerned about leaving an API key or similar information in plain text like this.
@TalosTheDigiton
You can try opening a ticket with Zapier Support to get a more official response.
In the Zap Runs > Logs, sensitive data will show was “censored”.