Thingwporx appkey encryption and use in a Thingworx REST API call
We are calling Thingworx API from a AWS SNS topic when messages arrive at the topic. Currently we are using the APPKey in the REST API call from the SNS endpoint configuration. Is it possible to encrypt the APPKey and send it as an encrypted version in the endpoint configuration in the SNS. For security purpose we have restricted to specific users only but still that poses a danger if the Appkey is exposed somehow.
Application keys are security tokens encrypted in the ThingWorx database that can be used to log in to the ThingWorx application instead of using standard credentials.
You can pass application key tokens on the header in the URL of a request. The request is run using the security context of the user associated with the application key.
By default, a session is not created when a request is made using an application key.
This is the recommended way for other systems and applications to make a request to the ThingWorx application.