Password2 input in Flow Designer does not support any variable types.

rithesh
Kilo Expert

Password2 field in Flow Designer not supporting any field types from Catalog variables. I am using "Create User" from Microsoft AD spoke, Password2 data pill is not picking any of the variable types including Poweshell Output. Please let me know if there is a way to add dynamic value to it. 

4 REPLIES 4

Nick Derbawka1
Giga Contributor

Hi, Rithesh!

Looking into the documentation found, here: https://docs.servicenow.com/bundle/orlando-servicenow-platform/page/administer/flow-designer/referen...

I think the following portion towards the bottom of that docs page is pertinent to your question:

"Flow Designer only allows Password2 data pills to be dragged into the following field types:

  • Email body fields
  • HTML fields
  • Password 2 Fields
  • PowerShell Input Variables
  • REST fields
    • Variables
    • REST payload body
    • Query parameters
    • Headers
    • REST multi-part form values
    • Form URL-encoded values
  • SOAP fields
    • Headers
    • Envelope"

kevan_smith
Mega Expert

Hi Rithesh.  If I understand your issue correctly, you're trying to  create/reset/update a user/password using the Microsoft AD spoke.  Those actions, along with most other password-related actions, require Password2 data pills, and there is no Password2 data type in the Catalog.  What to do?

 

I recently faced this same issue, and the solution I found was to create an Action that encrypts your plain text password and returns a Password2 data pill.  This is about as simple as a custom script action can get, the GlideEncryptor API does all the hard work: 

kevan_smith_2-1664829171466.png

 

Here's the Script step:

 

 

 

(function execute(inputs, outputs) {
    var encr = new GlideEncrypter();
    var encryptedPassword = encr.encrypt(inputs.password);
    outputs.password2 = encryptedPassword;

    // Debug code to validate encryption
    //var decryptedPassword = encr.decrypt(encryptedPassword);
    //outputs.error_message = inputs.password + " >> " + encryptedPassword + " >> " + decryptedPassword + "\n";
    //outputs.error_message += (inputs.password == decryptedPassword ? "IT WORKED" : "DOES NOT MATCH");
})(inputs, outputs);

 

 

 

Thanks for this Kevan! It was a great help! 

 

One thing to add to this is that the scope for this custom action must be Global as GlideEncryptor is not allowed in scoped apps.

Alex D Great
Tera Contributor

Another solution here is to use the type "masked" on the password field 😉

AHN_0-1725003674817.png