Encrypt Username and Password ForgeRock SDK Embedded Login

Hi everyone, I’m working on integrating Embedded Login with javascript forgerock-sdk, but in login submit it reveals username and password in the network inspect payload.


Is there any guide for encrypt and decrypt password when using javascript forgerock-sdk for login? Could someone please guide me further.
Thanks.

A two question response?

  1. Are you not using https as the transport?
  2. Are you not using an encrypted and signed jwt? And if so, be sure to not use public certificates.

Cheers!

2 Likes

Unless I’m mistaken here, you are looking at your browser’s developer tools which are capturing the details of the request that your browser sent to the URI. Of course the developer tools will capture the data in the payload, as the browser is where those values were sent from. You will find this true on literally every single website you access. This does not mean that anyone else can view this data.

2 Likes

thanks @grpensa and @mwtech for pointing out

1 Like