Update Password Action in Flow Designer

Go to solution
Geoff_T
Mega Sage

‎08-27-2020 07:06 AM

I'm looking at triggering a flow from a catalog item. The aim is to reset user password. User submits catalog request with new password, trigger the flow and run the Update Password action. 

This action only accepts a 'password2 type pill' which doesn't exist as a variable type in a catalog request. 

Is this catalog solution possible?

0 Helpfuls
  • 6,437 Views
1 ACCEPTED SOLUTION

Go to solution
Andrew Albury-D
Mega Guru

‎09-03-2020 04:57 PM

Hi Geoff,

This is definitely doable! You might need to create a new custom action which converts a string (the input from the catalog item) into a Password2 type field. Luckily, I've whipped one of these up already! Here's one I prepared earlier:

 

Input of a string:

find_real_file.png

script step to encrypt it:

find_real_file.png

Output items to pills:

find_real_file.png

 

IN this case I've opted to output it as both a password2 and plaintext, in case you wanted to email it, but it might be worth adding a "true/false" input to show plaintext or not, and checking that in your script. 

Remember, anything where you save a password is inherently unsafe, and this will write the passwords to a flow context which will be accessible by anyone with read access to flows. 

Hope that helps,

Andrew

View solution in original post

Preview file
344 KB
Preview file
118 KB
Preview file
186 KB
8 REPLIES 8

Go to solution
Hitoshi Ozawa
Giga Sage
Giga Sage

‎09-04-2020 08:07 AM

Following worked. Just created a variable "password" of type "Masked". Used GlideEncrypter() to encrypt password to Password2. Was able to update the password and then login with the new password. Check to make sure the old password resulted in an error.

find_real_file.png

find_real_file.png

find_real_file.png

Preview file
100 KB
Preview file
39 KB
Preview file
34 KB

Go to solution
Geoff_T
Mega Sage
In response to Hitoshi Ozawa

‎09-04-2020 10:56 AM

Thanks for the detailed reply. Have you any idea on my secondary question I mentioned above?

Can you use the Update Password action to update passwords in lower environments - having submitted the catalog request in Production?

0 Helpfuls

Go to solution
Hitoshi Ozawa
Giga Sage
Giga Sage
In response to Geoff_T

‎09-04-2020 09:41 PM

Haven't tested this yet but making flows callable should enable calling other instance's flow. Be sure to consider security because exposing APIs increases security risk.

https://docs.servicenow.com/bundle/paris-servicenow-platform/page/administer/flow-designer/task/gran...

0 Helpfuls

Go to solution
louis-comsol
Tera Expert

‎03-18-2025 03:00 AM

For the password encrypt, do not use gs..base64encrypt as it will in some cases give you a missing crypto module error. Rather use:

var new p_util = new global.PasswordResetUtil;

outputs.password = p_util.encryptWithKMFModule(password);
0 Helpfuls