Creating a field of type secret in ISC

nitin_m_jain · October 28, 2024, 10:35am

Hi All,

We have a requirement to pull one attribute in ISC which should not be visible to anyone in clear text value. Please suggest if it is possible to create a secret field in ISC or is there any other way to achieve this use case.

Thanks & Regards,
Nitin Jain

gourab · October 28, 2024, 11:25am

Hi @nitin_m_jain ,
You can not directly hide/mask it. Here is an open idea for it: https://ideas.sailpoint.com/ideas/GOV-I-1720

You can encrypt the value using identity attribute rule and show in id attribute but I feel that will be no use in case you want to use it in any rule/transform directly.

gogubapu · October 28, 2024, 11:53am

Hi @nitin_m_jain,

What type of attribute you want to create in ISC, identity attribute or account attribute.

Thank You.

nitin_m_jain · October 28, 2024, 12:04pm

Hi Bapu,

It will be identity attribute.

Thanks,
Nitin Jain

neeraj99 · October 30, 2024, 3:41pm

I know this is not what you will be looking for but if you don’t want them to be readable in identity Attribute, maybe you can use a transform to change the data .
Something like this:

{
    "name": "Randomizer",
    "type": "concat",
    "attributes": {
        "values": [
            {
                "type": "randomAlphaNumeric", //change type if your data contains text only 
                "attributes": {
                    "length": "10" //determine based on the length you need
                }
            },
            {
                "type": "accountAttribute",
                "attributes": {
                    "sourceName": "HR Source", //change source name
                    "attributeName": "employeeID" //change attribute name
                }
            },
            {
                "type": "randomAlphaNumeric", //change type if your data contains text only 
                "attributes": {
                    "length": "10" //determine based on the length you need
                }
            }
        ]
    }
}

Input:

Output will look something like this:

ab38dha89q89230ew9a8facau

Now, let us say if you want that to be readable and something that only few people will know the pattern to, maybe you can add some Keyword in between to understand this fully

Obviously this is a workaround for now!! But do letme know if you end up using this

OR way better is if you want to kind of show as encrypted data, use this base 64 encoding transform:

{
  "type": "base64Encode",
  "name": "Base64 Encode Transform"
}

Output will be base64 encoded string.

system · December 29, 2024, 3:42pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Best practice for masking sensitive data in ISC ISC Discussion and Questions identity-security-cloud	4	165	July 9, 2024
How to add ISC Identity ID into account Provisioning Plan ISC Discussion and Questions identity-security-cloud , provisioning	6	53	December 8, 2024
Hide Identity Attribute ISC Discussion and Questions	7	1418	July 19, 2023
Best way to handle string to integer transformation for an attribute ISC Discussion and Questions transforms , rules , identity-security-cloud	4	60	December 13, 2024
Compliance Request Epic SER ISC Discussion and Questions apis , aggregation , identity-security-cloud , provisioning , connectors	10	48	January 25, 2025

Creating a field of type secret in ISC

Related topics