agilio | 2021-06-11 16:54:22 UTC | #1
Is it possible to modify the request template of a Data Action using the GET method so that a piece of the JSON pairs uses the base64 encoding?
To Visualize a quick Mock Up { "requestUrlTemplate": "https://someEndPoint/api/data/v9.2/accounts?${esc.number}top=3", "requestType": "GET", "headers": { "Authorization": "${authResponse.tokentype} ${authResponse.accesstoken}", "Accept": "application/json" }, "requestTemplate": "{\"number\":$encoding.base64(1232444)}" }
Please let me know
ChrisDibble | 2021-06-11 17:23:36 UTC | #3
agilio,
Can you clarify what use case you're trying to handle with your data action? As you mentioned in your post, there's a base64 encoding tool already available (documentation. However, for GET data actions, the requestTemplate field is unused.
-Chris
agilio | 2021-06-11 18:23:23 UTC | #4
True Good Point switch that to a POST. Can I use $encoding.base64() in the body of a POST? Will it also work in a requestURLTemplate like https://someEndPoint/api/data/v9.2/accounts](https://someendpoint/api/data/v9.2/accounts)?top=$encoding.base64(31234444)
ChrisDibble | 2021-06-11 18:38:30 UTC | #5
Yes, you can use that macro for both the requestTemplate and the query parameters. You'll need to format the number as a string since the macro takes a string as input. Here's an example config that shows how to configure both
{ "requestUrlTemplate": "https://someEndPoint/api/data/v9.2/accounts?top=$encoding.base64(\"123444\")", "requestType": "POST", "headers": {}, "requestTemplate": "{ \"number\":\"$encoding.base64(\"1232444\")\" }" }
agilio | 2021-06-15 16:38:31 UTC | #6
Thanks. One more question. I just want to confirm that there is no way today that I could use a customer provided cert to encrypt the data in base64?
Jerome.Saint-Marc | 2021-06-15 16:57:58 UTC | #7
Hello,
Base64 is about encoding (bynary to text). It is not about encryption. So to answer your question - no, you cannot leverage a customer provided cert to encrypt data in base64.
Regards,
agilio | 2021-06-15 21:44:12 UTC | #8
Any suggestions within the product? Customer for PCI reasons does not want to send data off the system without encrypting it first. So a third party service to encrypt would not fit within their PCI definitions.
tim.smith | 2021-06-15 21:52:42 UTC | #9
If the service you're calling uses HTTPS, data in the request body is encrypted. That should meet the customer's requirement as you stated it; the unencrypted data only exists within Genesys Cloud and within the receiving service after it has decrypted the HTTPS payload. The data in transit in the HTTPS packets is encrypted and cannot be viewed without using the correct cert to decrypt it.
agilio | 2021-06-15 22:09:26 UTC | #10
That was my response to them as well but their requirements state that on top of the standard HTTPS encryption the CC# must be encrypted as well.
tim.smith | 2021-06-15 22:15:12 UTC | #11
Data actions don't support double encryption like that. You can request new features and share your use case at https://genesyscloud.ideas.aha.io/.
system | 2021-07-16 22:15:14 UTC | #12
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 11180