Use an encrypted field in a Notification

Garp Pahlow · ‎01-24-2018

I have a field on a form that is encrypted. In order to see it the user needs to set their Encryption Context with the picker. The customer needs to be able to have notifications sent to the email address that is stored in that field: in the "Who will receive" tab in the "Users/Groups in fields" field. Seems that the notifications run at a system level without the appropriate encryption context and thus ignores that field. Anyone know if it is possible to configure something to have the notification decrypt the field so it can be used as a recipient for the email?

Garp Pahlow · ‎01-25-2018

Curious about your thoughts on an unencrypted field, yet still secure. Can you provide some details?

I tried something similar, but it's not 100% secure if you have a role that permits creating business rules. I created a regular field on the table. I then configured ACLs to allow a specific role to have Create access. I then made Write and Read access have role "nobody". A business rule copies my encrypted field to that field on Insert. You cannot get to that field from the form, a list, or report. However, Business Rules and Notification scripts can.

ark6 · ‎01-25-2018

How about calling the field value through a script include from the email script. I haven't tried that but may be an option