Encryption and CWS calls

AASTF · 2023-02-15T03:14:19+00:00

There was an error rendering this rich post.

We have requirements to use encrypted dataid for the node services. Is there such feature or functionality within CWS to encrypt at least the dataid or the whole request if possible.

The reason is we will be having an external business application integrated with our OTCS, and trying to ensure that document dataid cannot be exposed from the external system.

Find more posts tagged with

Comments

appuq

The DataiD in OTCS can be masked using a suitable nickname, not sure if CWS understands nicknames it should theoretically.

Greg Griffiths

There is nothing in the product that allows for encryption of dataid, or any other parameter. The closest you get is to use a nickname, as @appuq suggests, but this is a simple alias for the object rather than an encrypted id.

You can use secure protocols like HTTPS to encrypt the transport.

It should be possible to extend the code, in OScript to handle an encoded / encrypted parameter and decode it at the top of the code, but that would be custom development and also have a performance overhead for the decode on each request etc.