
Using Credentials in Blue Prism Processes

SamLima
Level 7

In the Using Credentials in Blue Prism Processes example, since it puts the username as sensitive, it needs to be encrypted and only used by the credential manager. Why can the username be exposed from the process? Why is it not encrypted and hidden from view, the same as the password?

33338.png


------------------------------
Sam Lima
------------------------------
1 BEST ANSWER

Helpful Answers

Hi @SamLima,

It is not at all necessary that the username must be exposed. If you create the username data item as 'Password' data type instead of 'Text' data type, then you would be able to pass it to the 'Get Credentials' action's output parameter and get the username in an encrypted format. You may get a warning popup if you do so; ignore that and just run the process. You should get the result as below:

33334.png

Now, coming to the point of why it is not encrypted: the reason is that in most cases, the username field is used as a part of authorization, and the username is something which can be used to identify a credential uniquely.

Suppose you have 10 robots running for a process and each robot has its own service account for using any target application; then you may want to know which username accessed what at which point of time from an audit perspective, in some sort, using either an Environment lock comment or a queue item tag. Again, it depends totally on your business process, whether you are going to use them or not, and if yes, then how you are going to maintain the sensitivity of the data.

In four of my projects, in which I used to work for a highly reputed financial client, the GDPR and compliance policies were strictly followed, so even while developing processes for them we were never supposed to use any text item to store the username as well. So, I used this same logic which I showed you in my screenshot during my tenure with that client.

------------------------------
Hope it helps you out, and if my solution resolves your query, then please mark it as the 'Best Answer' so that the other members in the community having a similar problem statement can track the answer easily in future.

Regards,
Devneet Mohanty
Intelligent Process Automation Consultant | Sr. Consultant - Automation Developer,
Wonderbotz India Pvt. Ltd.
Blue Prism Community MVP | Blue Prism 7x Certified Professional
Website: https://devneet.github.io/
Email: devneetmohanty07@gmail.com

------------------------------
Hope this helps you out and if so, please mark the current thread as the 'Answer', so others can refer to the same for reference in future.
Regards,
Devneet Mohanty,
SS&C Blueprism Community MVP 2024,
Automation Architect,
Wonderbotz India Pvt. Ltd.


2 REPLIES 2

ManpreetKaur1
Level 8
Hi @SamLima,

It's a very valid query, but the reason for not putting it into encrypted format is that if we put both the username and password in encrypted format, then while debugging the code, the developer will never be able to authenticate if the credentials fetched from credentials manager are correct or not. Currently, you might be working with just a single application, but in real-time scenarios when we deal with multiple applications in the same process, it becomes really difficult to identify the exact root cause if a developer has used the 'Username' as a global variable and is re-using the same variable. Also, there is always a risk of the account getting locked if tried multiple times; hence, if both the username and password are encrypted and you accidentally entered wrong credentials, then it can get locked as well.
Additionally, if you need to encrypt the username, that could also be easily done by changing the text type to password type in the code, and your purpose gets solved.

------------------------------
Manpreet Kaur
Manager
Deloitte
------------------------------
