How to Hide specific data in orchestrator Queues

I Need to hide specific data being passed into orchestrator into a queue from visibility. Currently all variables being passed are shown need this to not be the case

What you are looking for are Cryptography actitivites β†’

You can hash and dehash values, while utilizing the queue securely incl. sensitive data.

Sometimes it is more practical to not use queue assets in any way, that it stores data. We use it in some cases (HR data for instance) only to store the hashed name of a file location and the necessary row/column information for us to start processing.

gz kc-x

Thanks, I have looked at and got the crypotgraphy package. No easier way than to use JSON file or ecryption/decryption?

Not really, no. Also, this is the most secure way. Please make sure not to not include the key for encryption into OR assets :smiley:

Two activities is all it takes, really.

Encrypt β†’ store in String (β€˜encr’)–> upload to queue β†’ receive queue item β†’ decrypt β€˜encr’ β†’ start processing

Edit: Actually, you could β€˜hide’ data by organizing yourself rigorously in modern folders, so other users are not able to read/see the data. However, in this approach, the data itself is written in plain text into the Orchestrator DB - so in terms of IT Security not really helpful.

If i have a itemcollection do i encrypt the reference ?

So for each transaction i have a large number of variables these are in the itemcollection. Which part do i need to encrypt?

depends on the part, that you want to hide. Usually, when we work with complex data types, we try to serialize them and transform to string before encrypting. But the best way on how to do it specifically for you is based on your use-case.

I need to hide all the sensitive data which makes up the item collection

Then you will want to follow the serialization process I described in my previous reply.

Please refer to List to Orchestrator queue item? - #5 by Florent_Salendres for more information.

Thanks will give it a go

1 Like

what is the best solution to populate a queue with sensitive data?