GlideEncrypter Deprecation
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-02-2026 08:08 AM
Hi Team
We are currently remediating deprecated GlideEncrypter usage across our ServiceNow instance and would like guidance on the recommended replacement approach for different implementation types.
We have GlideEncrypter usage in:
- Flow Designer actions
- Business Rules
- Classic Workflows(activity)
- Script Includes
We reviewed KB1320986, KB1704481, and KB1700626, but we would like confirmation on the correct implementation pattern for each scenario.
Our current understanding is:
- Password (2 Way Encrypted) fields
→ use getDecryptedValue()
- Flow Designer script layer
→ use FlowKMFEncrypter or avoid manual decryption when REST/SOAP steps handle it automatically
- Workflow/custom encrypted values
→ use KMFCryptoOperation (KMF) only if encryption is actually required
- Plaintext workflow outputs from MID Server scripts
→ consume data.get(x).output directly without decryption
- MID/REST transport
→ continue using AutomationAPI.encrypt()
One specific case:
Our MID Server PowerShell script returns plaintext output in this format:
RETURNDATA: APPID USER PASS
Previously, workflows used:
new GlideEncrypter().decrypt(data.get(x).output)
Since the MID script does not perform encryption, we want to confirm whether:
- GlideEncrypter should simply be removed and workflow output consumed directly, OR
- KMF encryption/decryption should still be implemented on the ServiceNow workflow side if we want workflow values encrypted internally.
Looking for best-practice guidance from anyone who has already completed GlideEncrypter remediation across Flows, Business Rules, Script Includes, and Workflows.
0 REPLIES 0