I have a custom PowerShell activity which executes several API operations. This is working as expected with the inputs I provide. The issue is that I need to execute the API operations using a local application account (not a service account). I provide a service account in the credential tag field to connect to the MID server. At first, I was just retrieving the local application account credentials from a ServiceNow table and passing it as any other parameter to the PowerShell script being executed on the MID Server. This works, but the issue with this is that the local account password is in plaintext briefly while passing it to the PowerShell activity. I can retrieve an encrypted password value I have set up in System Properties (Password2 type), but then I still have to decrypt before sending to the PowerShell activity (which again leaves it exposed). I was hoping that passing this encrypted value to an encrypted input field type on the activity would decrypt the value as it is passed to the PowerShell script, but it does not seem to work this way. Has anyone had this use case where they need to pass alternative credentials to execute the script? It would be easy if there was a way to pass another $cred object similar to what is passed when specifying a credentialTag. Please let me know if anyone has some advice on how to accomplish this!
