Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Does REDCap_read validate the SSL #521

Open
MardahlM opened this issue Jun 10, 2024 · 1 comment
Open

Does REDCap_read validate the SSL #521

MardahlM opened this issue Jun 10, 2024 · 1 comment
Assignees
@wibeasley

Comments

@MardahlM
Copy link

Dear REDCap R developers.

Thanks for a great package. I use it to pull down data from REDCap always.

In the REDCap API documentation, I found this text:

"One thing that is highly recommended is for your API script/program (i.e. the thing making the request to the REDCap API) to validate the SSL certificate of the REDCap web server when it makes the API request."

While I see you do something related to SSL certificates, I am not sure exactly what.

Can you confirm that redcap_read() conforms to the above security recommendation listed in REDCap?

Best regards, Maibritt
@wibeasley
Copy link
Member

Yes, it does conform. Do these passages address your question? (Are you completing a security review?)

From the home page:

The REDCapR package includes the SSL certificate retrieved by httr::find_cert_bundle(). Your REDCap server’s identity is always verified, unless the setting is overridden (alternative certificates can also be provided).

Also see the SSL/TLS section of the Advanced REDCapR Operations vignette.

@wibeasley wibeasley self-assigned this Jun 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wibeasley wibeasley

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wibeasley @MardahlM