Is there a way to make the generated tokens from an OAuth2 configuration secret,

[gabrielsantosblanchet]

I would like to know if there is a way to make sure the accessToken generated by OAuth2 is not visible on a comit. maybe generate token inside a local environment. so we don't comit access token into the wild

Thanks for the help

[rangav]

Currently You have to manually copy the token to local environment.

please create new feature request for this and the solution looking for.

[gabrielsantosblanchet]

Thanks for the anwser, Will do.

[phantomdenkali]

Hi, what is the recommended way to work with Oauth2?

[rangav]

Hi @phantomdenkali the generated token is not saved to git, they are stored locally on user's machine.

They renew automatically when expire.

You can save all secrets to the environment or Local environment and use variables in OAuth 2 section.

Let me know if have any specific question?

[phantomdenkali]

Thanks for the quick reply. I will try it out. Perhaps a different question, I'm migrating from Postman - would be nice to have an import utility to speed the transition.

[rangav]

Import is already supported, you can import multiple collections or env at once.

https://github.com/rangav/thunder-client-support#import

[phantomdenkali]

SWEEEET! Saved me a bunch of time!

So, if I am using a token with CLI for CI/CD, is there a way to store a token securely or is that a contradictory statement?

[rangav]

In the CLI also the tokens are saved locally on the machine where CLI is run.

And None of the data is shared with us, its a complete local storage extension