I am working on automating a script to do an Odata query from Citrix Monitor Data API. I have been able to successfully create a script using Invoke-RestMethod -uri -credentials .
However, this prompts me for the specific credentials – which once entered works perfectly as expected.
The plan is to automate this script through task scheduler and have it run every month and create the report. When I remove the "-credential" parameter from the command & use "Run As" to launch the script – it ends up giving me an Unauthorized (401) error.
I understand that there is a way to store the encrypted password in a file using "ConvertTo-SecureString -AsPlainText -Force" command. However, due to security concerns I am not comfortable using this method.
Is there a different way to have the credentials automatically fed to the script to have it run automatically every month?
That depends on how you authenticate to the website. If it happens to support NTLM (Windows) authentication, and the user running the script has access to the site, then you can use the -UseDefaultCredentials switch on Invoke-RestMethod.
Otherwise, you will need to save the credentials and use them in the script. I would recommend encrypting the password in such a way that only the account that runs the script will be able to decrypt it. You've got several options for this, depending on your needs and your PowerShell version; this was the topic of my "Keeping Secrets" talk a the 2015 PS Summit: https://www.youtube.com/watch?v=Ta2hQHVKauo