Message Level Encryption

puja kumari
Tera Contributor

has anyone implemented message level encryption in servicenow instance. So basically i have written one rest message for which payload is in encrypted way. so how can we encrypt payload content and after encryption we can use that in http post method's content so that we can have decrypted result  in response .

 

Thanks

7 REPLIES 7

Omender Singh
Tera Guru

Yes, message-level encryption (MLE) is not supported out-of-the-box in ServiceNow REST Messages. If you're expecting encryption of payload (like AES or RSA) before sending the data over HTTP POST — this has to be done manually through scripting, not through any native configuration.


āœ… What You Can Do Practically:

  1. ServiceNow Crypto API is limited:

    • It supports hashing, base64, and encryption using internal keys (not suitable for external AES/RSA encrypted payload exchange).

    • It’s not compatible with systems that expect standard crypto padding and keys used in Java, .NET, or Python.

  2. Use Script Include with Crypto Library:

    • Import a JavaScript-based library like CryptoJS or Forge.js in a Script Include.

    • Use that to encrypt your JSON payload inside the script before passing it to the REST message.

  3. Sample Logic (Pseudo):

    var body = '{"username":"admin","password":"test"}';
    var encrypted = My_Encryption_Helper.encryptAES(body, 'secretKey');
    
    var r = new sn_ws.RESTMessageV2('MyAPI', 'post');
    r.setRequestBody(encrypted);
    var response = r.execute();
  4. Alternative (External Encryption API):

    • If encryption is complex (e.g., RSA with public/private key), you can call an external API to encrypt the content first, then send that result in the POST body.

  5. MID Server Option:

    • If encryption involves OS-level or language-specific tools (like PowerShell or Python encryption scripts), use MID Server to run the encryption outside ServiceNow, then send it.


āš ļø What You Should Avoid:

  • Don’t rely on HTTPS alone — it's transport-level security, not message-level.

  • Don’t use ServiceNow Crypto API for external encryption unless both systems are using exact same algorithm, key, padding, and encoding (rarely happens).


āœ… Final Notes:

  • Payload encryption needs custom scripting, either through JavaScript crypto libraries or MID Server execution.

  • There is no checkbox or configuration to encrypt REST payload directly in REST Message UI.


If this solved your doubt or helped move you forward, please mark this as Correct or Helpful.

Ankur Bawiskar
Tera Patron
Tera Patron

@puja kumari 

I doubt this is feasible.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

@Ankur Bawiskar 

 

According to you , is this feasible? do you have step by step proccess. so that i can replicate in instance.

 

Thanks

@puja kumari 

I already informed as per my understanding this is not feasible with any OOTB ServiceNow feature.

You will have to rely on a custom solution but not sure on how that can be done.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader