Help

Is there a way to mask the input in input.textAsync?

Topic Labels: Scripting extentions
1452 2
cancel
Showing results for 
Search instead for 
Did you mean: 
Andrew_O_Hoski
4 - Data Explorer
4 - Data Explorer

I’d like to prompt the user for the password to an API call but input.textAsync displays the input in plain text on the screen.

Is there a way to mask the input so it shows as ********** when the user is typing?

Like with HTML input type=password?

2 Replies 2
Stephen_Suen
Community Manager
Community Manager

This is not currently supported — thank you for the suggestion!

Yep - we’ve run into this with Script Blocks as well. Here’s how we engineered a workaround:

  1. You need a proxy server to avoid sending the API key at all. Ideally, no one should be doing this anyway, so we envisioned a secure way to manage API keys in the background while avoiding asking users to enter anything.
  2. The API call is replaced with a Google Apps Script server call that contains the Airtable user id plus a unique token embedded in each script block performing API calls.
  3. The doGet() server hears the request from the Script Block and compares the token with the token on file and the Airtable user ID to verify it is a legitimate request.
  4. The Google Apps Script then calls out to the API, performs its actions, and returns the results to the script block.

The users are thrilled, the interchange with the API is seamless, and it doesn’t expose API keys to any humans.