Skip to main content

Sensitive data

Pega Robot Studio allows developers to use a special variable type to store sensitive data, such as passwords, credit card details, or personally identifiable information. Sensitive data is hidden when used within an automation and when logging and debugging, and is masked when stored within a project automation file or in the desktop memory.

Sensitive data type

The Sensitive Data variable is a variable type based on the String type, and is located in the Variables section of the Toolbox. When added to an automation, the sensitive data value is not displayed on the design block when debugging or editing an automation flow. It is also not visible in execution logs. 

In the following example, the Sensitive Data variable provides a password for logging in. The variable's value is not displayed on the design surface; instead, a lock icon is displayed.

Screenshot showing a SensitiveData variable being used in a log-in automation.

When you enter the value into the Sensitive Data type design block, (*) password characters are displayed. 

The password variable value is also not visible in execution logs - a sensitive data label is displayed instead. 

Logging sensitive data

In the following example, the login automation is in debugging mode. The password variable value is marked as hidden, and you cannot see the value once it is passed to the txtPassword value property. 

Screenshot showing hiding sensitive data in a debugging mode.

The Sensitive Data VariableType property is read-only and is set to Sensitive. Once you add the data type to your automation, you can't change Sensitive or Encrypted properties on the property grid. The Encrypt property indicates that a variable is masked if stored in the automation development file or in memory.

Screenshot showing a property grid of a variable with Sensitive Data type

You can use the Sensitive Data type variable as an input or output parameter of an automation. When sensitive data is passed between automations, it is still protected from being visible in logs or in debugging mode. The Sensitive Data type is built on a string so that it can take all values passed.

Screenshot showing adding a SensitiveData as an input parameter of the automation.

 

Sensitive controls and variables

When you interrogate an application, any controls containing passwords or other password-masked data are automatically marked as inherently sensitive. The Sensitive property is set to true and is not editable. For example, controls with a password character or HTML type equals password are inherently sensitive. 

In the following example, the Pega Finance login form contains a text field marked as input type="password." After interrogation, the control is created with the read-only Sensitive property set to true. 

Pega finance login page
Screenshot showing a property grid of the sensitive control containing password.

If a control is not detected as being inherently sensitive, the automation developer can still mark it as sensitive to prevent it from being visible in logs and debugging mode. For example, a user's credit card number is visible in the user's profile of the banking application, but it must not be visible in logs from automated transactions. To fulfill this requirement, an automation developer marks the Sensitive property in the property grid of the control.   

A developer can mark any variable, local or global, as sensitive on the variable's property grid. A Sensitive Data variable is available that treats the value as a string. For more information see the Automation variables topic.

Check your knowledge with the following interaction.


This Topic is available in the following Module:

If you are having problems with your training, please review the Pega Academy Support FAQs.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Academy has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice