Encrypt Password (2 Way Encrypted) field value -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
an hour ago
Hi ,
How can we encrypt a value in a Password (2-Way Encrypted) field?
The field resides in a table that belongs to the XXX application scope, and the encryption is required during the execution of a Transform Map associated with a specific data source that exists in the Global application scope.
I attempted to create a cross-scope privilege to allow access between the applications. However, the system does not allow me to select Global as the source scope while configuring the privilege
Requirement:
We have a scoped application containing the sn_fin_supplier_payment table, where the account_number field is stored as a "Password (2 Way Encrypted)" field. We are running a system import through a Transform Map in the Global application that imports incoming bank account information.
As part of the transformation process, we need to compare the incoming account number with existing account numbers in the sn_fin_supplier_payment table to prevent the creation of duplicate records.
Issue:
When executing the decryption logic (getDecryptedValue()) within the Transform Map, the system is unable to read the account number because the field resides in a scoped application. How can we access and decrypt this value during Transform Map execution in the Global scope?
We cannot move the Transform Map to the scoped application because it is part of a sequence of Transform Maps that must remain in the Global application.
Could you please advise on the recommended approach for handling this scenario?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
53m ago
seems duplicate question
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
31m ago
Hey @naveenreddy0871,
Finance Common Architecture is the scope that owns sn_fin_supplier_payment: getDecryptedValue() is hard-blocked to same-scope execution on that field, no cross-scope privilege record will ever open it up, which is exactly why the platform refused Global as a source scope in your screenshot. The move is to push the decrypt-and-compare logic into that scope instead of reaching into it from Global.
- Add a Script Include inside the Finance Common Architecture scope that queries sn_fin_supplier_payment and calls account_number.getDecryptedValue() locally.
- Set that Script Include's Accessible from field to All application scopes.
- Invoke it from the Global Transform Map's onBefore script using the scope-prefixed name, e.g. new x_yourscope.PaymentUtils().isDuplicateAccount(importedValue).
- Have the include return only a boolean/sys_id, never the decrypted string, so nothing sensitive crosses into Global memory.
Thank you,
Vikram Karety
Octigo Solutions INC