Record producers allow end users to create task-based records, such as incident
records, from the Service Catalog and
Service Portal. If a record
producer attempts to insert data into a field marked for encryption, an invalid insert
message displays and the data is not saved to the field. To configure your Edge Encryption proxy server to allow
inserts from a record producer, create encryption rules from the record producer
record.
Role required: security_admin
Encrypting data from a record producer requires an
encryption configuration defined for the target field. Check that you have created
an encryption configuration for the target field and table before creating an
encryption rule from a record producer. See Create an encryption configuration. To encrypt
attachments from a record producer, Configure attachment encryption.
-
Log in to your instance through the Edge Encryption proxy
server.
-
Navigate to .
-
Create a record
producer
record or open an existing record producer
record.
-
Under Related Links, select Create Edge
Encryption Rule.
Two inactive encryption rules are automatically created to encrypt data
sent from the record producer to the field marked for encryption.
Encryption rule |
Description |
<RecordProducerName> |
Rule created to process POST parameters from the Service Catalog and map variables to fields in the instance. |
<RecordProducerName>Json |
Rule created to process a JSON payload from the Service Portal and map variables to fields in the instance. |
-
Activate the necessary encryption rules created by the record producer.
-
Navigate to .
-
Depending on where the record producer will be used, open the
associated encryption rule created by the record producer and select the
Active flag.
If using the record producer in the Service Catalog,
activate the <RecordProducerName> encryption rule. If using the
record producer in the Service Portal,
activate the <RecordProducerName>Json encryption rule.
- (Optional)
Examine the Encryption rule Action
field and add any necessary field names or statements.
If a record producer directly maps a variable to a field in a table, the
encryption rule automatically maps the variable to the correct field.
However, if a variable is indirectly mapped through various scripts on the
platform, you may need to update the rules to map each variable to the
correct field.
The below encryption rule was created from the Report Outage record producer
and processes POST parameters from the Service Catalog to
map variables to fields in the instance. Replace 'FILL ME
IN'
with the target field.

The below encryption rule was created from the Report Outage record producer
and processes a JSON payload from the Service Portal to map
variables to fields in the instance. Add additional statements to map any
scripted variables to the target fields.

When the payload from the record producer is examined, the error_message
element contains the value for the short_description field. By adding the
following statement, you can map the scripted variable error_message to the
short_description field.
if (jsonElement.getName() == 'error_message')
jsonElement.valueFor(tableName, 'short_description');
The value of the Action field becomes:
function ReportOutageJsonAction(request) {
var tableName = 'incident';
// Some fields are set in script, additional parameter lines may need to be added
// current.comments is accessed via script from notes; // assignment to current.comments does NOT replace existing values
// current.short_description is accessed via script from short_description;
// current.description is accessed via script from current.short_description;
// current.caller_id is accessed via script from gs.getUserID();
var jsonContent = request.getAsJsonContent();
for (var jsonElementItr = jsonContent.getIterator('variables'); jsonElementItr.hasNext();) {
var jsonElement = jsonElementItr.next();
if (jsonElement.getName() == 'error_message')
jsonElement.valueFor(tableName, 'short_description');
} else {
jsonElement.valueFor(tableName, jsonElement.getName());
}
}
The two encryption rules enable the record producer to
insert values into fields marked for encryption from either the Service Catalog or Service Portal.