External system REST call to extract password (2 way) field value
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-09-2020 08:48 AM
I have tried searching for this issue but can’t seem to figure out what is the right way to do this.
I have a ServiceNow table with user details including a password field (2-way encryption). An external system wants to query this table via REST and extract the password field value.
I read about system properties but there will be many users in the table, all with their own passwords so not sure it applies here.
Currently I can get the password field value in the REST API Explorer however the password is encrypted (as expected due to the field type being password).
I am aware that the header: sysparm_display_value can hide the value but I need to figure how the external system can get the password field value via REST API or is something else required on the external system to get the password field value?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-09-2020 10:52 AM
I don't recommend sending password over clear text. But you might need a scripted rest API to handle the query and decrypt the value before sending it back to the requestor service. You might be able to decrypt and then make up your own encryption that can be decrypted on your requestor service.
Not sure if there is a way to decrypt it after it's already been received by the requestor service.
hope that helps...
Please mark this response as correct and or helpful if i've answered your question correctly or was a helpful response.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-14-2020 02:52 AM
Thank you kklosterman, that is one approach but are there others?
