Secure Text user input control

  • Release version: Australia
  • Updated March 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Secure Text User Input Control

    The Secure Text user input control is designed to encrypt sensitive information entered by users, particularly in scenarios involving large language model (LLM) topic discovery. By utilizing this control, organizations can ensure that sensitive data is not transmitted through LLMs, thereby enhancing data security.

    Show full answer Show less

    Key Features

    • Node Name: Identifies the control in the topic flow.
    • Prompt: A customizable message prompting users for input (e.g., "What is your password?").
    • Input Format: Validates user input against specified formats (e.g., Text, Email, IP address, Phone number, URL, Custom).
    • Hash Function: Implements a digest algorithm based on WS-Security standards.
    • Encryption Salt: Uses random data to enhance hashing security.
    • Confirmation Messages: Provides feedback to users upon successful input.
    • Hide or Skip Node: Allows conditional visibility or skipping of the node in the conversation flow.
    • Channel Support: Compatibility with various channels such as Web UI, Mobile UI, Microsoft Teams, and more, with specific constraints noted for some platforms.

    Key Outcomes

    By implementing the Secure Text user input control, ServiceNow customers can securely gather sensitive user information while ensuring compliance with data protection standards. This control enhances user experience by providing validation, confirmation, and conditional interactions, ultimately leading to more secure and efficient data handling in automated conversations.

    The Secure Text control provides a means to encrypt sensitive information provided as simple text or other formats. Use this control to encrypt sensitive information in topics that use large language model (LLM) discovery.

    Use this control to gather and encrypt user information for topics using large language model (LLM) topic discovery. The Secure Text input also avoids sensitive information from being sent through an LLM.

    Secure Text user input control properties

    Property Description
    Node name Name that identifies this Secure Text user input control node in the topic flow.
    Prompt Text string or script that returns text. This value is used only when the default value isn’t specified. For example: What is your password?
    Input format

    Text format that is validated when a user enters certain text items. When the input isn’t valid, the bot asks the user to reenter the text.

    Choose the format of the text item to be validated:

    • Text: Any text string (no validation).
    • Email: Format that consists of an email prefix (user name), the @ symbol, and domain.
    • IP address (IPV4, IPV6): Data communication delivery format for internet Protocol version 4 or version 6.
    • Phone number (E.164): Internationally recognized standard phone number format.
    • URL: Web address format.
    • Custom: A script that provides a validation rule for a custom text format. The script should include related error messages that are displayed when the expected format isn’t entered.

    For phone and IP address format examples, see E.164 phone formats and IP address field types.
    Hash function The method digest algorithm based on the standard WS-Security specification.
    Encryption salt Random data that is used as an additional input to a one-way function that hashes data.
    Advanced
    Default value A value for the user response to the prompt. For example, if you already know the user name, the default value might be (Script Variables > Last username).
    Confirmation messages
    Input completion confirmation

    Bot response shown to the user when the node interaction is complete. The message can be either a text string or a script that returns text. For example, if you're using dot-walking: Thanks, (Input Variables > Username)! Or if you're using a script, the acknowledgement might be: Thanks, {{vaInputs.username}}!

    Default value confirmation Message that asks the user to verify that the value in the Default value field is correct. This message is used instead of a value in the Prompt field. For example: Are you (Script Variables > Username)?
    Hide or skip this node
    Conditionally show this node

    No-code condition statement or low-code script that specifies a condition for presenting this node in the conversation. The condition must evaluate to true.
    Allow user to skip this node

    No-code condition statement or low-code script that specifies a condition for letting users skip this node in the conversation. The condition must evaluate to true. You can set this field using either the condition builder or a script.
    Skip reprompting No-code condition statement or low-code script that specifies a condition for letting users skip reprompting in the conversation. When a preceding node is revisited through a topic loopback or Dialog Act, the Virtual Agent bypasses this node and automatically retain its original value.

    Example Secure Text user input control

    Input properties Input prompt
    Figure 1. Secure Text input control basic properties
    Secure Text user input basic properties include node name, prompt, input format, hash function, and encryption salt. Advanced options include Default value, Confirmation message, and Hide or skip this node.
    Figure 2. Web UI Secure Text user input prompt
    Secure Text input shown in the web client. The text reads, “What is your first and last name?” and the user response is automatically hidden.

    Channel support

    Note:
    Virtual Agent Designer controls may display and function differently in other channels.
    Table 1. Channel support for the Text user input control
    Channel Support Constraints
    Web UI Supported None.
    Mobile UI Supported None.
    Now Assist panel Supported None.
    Microsoft Teams Supported None.
    Slack Supported Slack users can edit text previously entered in a conversation. However, Virtual Agent processes messages as they’re first entered. If a Slack user edits text input, such as a comment to update a case, then Virtual Agent doesn’t evaluate the edited update.
    Workplace Supported None.
    Facebook Messenger Supported The maximum character limit is 5000 characters.
    SMS Twilio Supported None.
    LINE Supported The maximum character limit is 5000 characters.
    WhatsApp Supported None.
    Apple Messages for Business Supported None.
    Alexa (Voice) Supported For screen devices, character limits may apply. For more information, see the Alexa developer documentation.