base64 elements in policy configurations (CA API Gataway 9.4)


Article ID: 141145


Updated On:


CA Mobile API Gateway CA Rapid App Security


There are many policies having base64 encoded elements from configuration management perspective we cannot distinguish actual differences if there are changes within those segments, 

also many references are hidden within those segments, often this is a major issue when analyzing dependencies and tracking differences, 

please use XML so that all configurations are exposes in human readable format, for ex using  CDATA , etc.

We would  like to avoid having these type of "clobs" in our version control.



Release : 9.4

Component : MOBILE API


I agree that RESTMAN bundles and policy exports do contain few text details base64 encoded. This can be revisited based on priority. We need to revisit all the existing assertions and their configuration for base64 encoding in use or not. If we decide to address them, we must do it with full backward compatibility.

We've aware of this issue for a long time, the latest configuration tool (Gateway developer plugin) don't export the configuration with base64 encoding anymore. We are reimagining the gateway configuration management using this plugin. More importantly, it comes with additional benefits like exporting the configuration into multiple files grouped by logical projects, provisioning the external version management systems in use, building CI/CD pipelines, etc.