Hide secrets and keys - API - Power Query

There should be a secure way to pass secrets or keys when making an API call (e.g. web.contents) in Power Query M.

 

Suggestions:

 

A) Make it possible to enter and edit secrets in Power Query, similar to how we enter and edit data source credentials in Power Query. Make these secrets encrypted and redacted. The secrets should be available to use as variables in the M code. When entering a secret, we would give it a name, which we can reference as a variable in the M code. We would only see the name, but the value would not be visible (the value would be redacted).

 

B) Make an Azure Key Vault connector for Power Query, that will make it possible to fetch secrets from AKV and assign the secret to a variable in the M query. This variable can be passed as part of the header in an API call.

 

C) Make it possible to redact some variables in M, so that we can use secret variables without the value being visible in the Power Query user interface. 

 

The main point is that we want a way to use secured and hidden secrets as part of API calls in Power Query.

Needs Votes
Comments
miguel
Community Admin
Status changed to: Needs Votes
 
frithjof_v
Super User
The suggestions (A, B, C) don't need to be implemented together. They can be implemented separately. If A) gets implemented, there will perhaps not be a need for B). The main Idea is to make it possible to include secured and hidden secrets in cases where the regular Data Source Credentials don't apply, e.g. in the web.contents connector.