All Release Notes

Subscriptions and Extensions hide access secrets

3 August 2018

Both Subscriptions and API Extensions can contain access secrets, for example to allow the commercetools platform to place a message into a queue, or to invoke an AWS Lambda function. When retrieving an access secret via the commercetools platform API, it is now hidden (except for the last 4 characters).

This change should help you to keep your access secrets secure. As noted in both Subscriptions and API Extensions, we recommend to create access credentials that only have the permission to put a message into the specific message queue, or only invoke the particular API Extension.

Copyright © 2021 commercetools