Send API tokens via form | ww.wp.xz.cn

glassmichael
(@glassmichael)

4 years ago
We would like to connect a wordpress form to to OKTA API to create a user for our software from the website. Okta requires sending an API token but we dont want to send the token in plain text.
1. What is the best wordpress form plugin for sending for data to an API endpoint?
2. What is the best way to encrypt the token with that plugin?
3. How can we limit it to a certain number of submissions per IP address to prevent spamming?

Thanks
- This topic was modified 4 years ago by glassmichael.

Viewing 1 replies (of 1 total)

Jacob Peattie
(@jakept)

4 years ago

You probably can’t encrypt the token. If you did then OKTA would probably receive an invalid token and reject the request. The proper way to encrypt tokens in transit is to ensure you’re using an HTTPS URL for the request.

If you want to avoid exposing the token to the end user in plain text in the browser via the form HTML, then the best solution to that would be to handle the form submission in WordPress on your own server and on the server adding the API tokens before forwarding the submission on to OKTA. The problem is that this solution would typically require coding the form response entirely yourself, rather than using a plugin.

However there are services like Zapier where you could send the form to that service and then using their tools configure the service to send data to the OKTA API. That way you could keep the credentials on Zapier, without exposing them to the user.

Viewing 1 replies (of 1 total)

The topic ‘Send API tokens via form’ is closed to new replies.

Tags

In: Fixing WordPress
1 reply
2 participants
Last reply from: Jacob Peattie
Last activity: 4 years ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics