Sensitive data
Pega Robot Studio allows developers to use a special variable type to store sensitive data, such as passwords, credit card details, or personally identifiable information. Sensitive data is hidden when used within an automation and when logging and debugging, and is masked when stored within a project automation file or in the desktop memory.
Sensitive data type
The Sensitive Data variable is a variable type based on the String type, and is located in the Variables section of the Toolbox. When added to an automation, the sensitive data value is not displayed on the design block when debugging or editing an automation flow. It is also not visible in execution logs.
In the following example, the Sensitive Data variable provides a password for logging in. The variable's value is not displayed on the design surface; instead, a lock icon is displayed.
When you enter the value into the Sensitive Data type design block, (*) password characters are displayed.
The password variable value is also not visible in execution logs - a sensitive data label is displayed instead.
In the following example, the login automation is in debugging mode. The password variable value is marked as hidden, and you cannot see the value once it is passed to the txtPassword value property.
The Sensitive Data VariableType property is read-only and is set to Sensitive. Once you add the data type to your automation, you can't change Sensitive or Encrypted properties on the property grid. The Encrypt property indicates that a variable is masked if stored in the automation development file or in memory.
You can use the Sensitive Data type variable as an input or output parameter of an automation. When sensitive data is passed between automations, it is still protected from being visible in logs or in debugging mode. The Sensitive Data type is built on a string so that it can take all values passed.
Sensitive controls and variables
When you interrogate an application, any controls containing passwords or other password-masked data are automatically marked as inherently sensitive. The Sensitive property is set to true and is not editable. For example, controls with a password character or HTML type equals password
are inherently sensitive.
In the following example, the Pega Finance login form contains a text field marked as input type="password." After interrogation, the control is created with the read-only Sensitive property set to true.
If a control is not detected as being inherently sensitive, the automation developer can still mark it as sensitive to prevent it from being visible in logs and debugging mode. For example, a user's credit card number is visible in the user's profile of the banking application, but it must not be visible in logs from automated transactions. To fulfill this requirement, an automation developer marks the Sensitive property in the property grid of the control.
A developer can mark any variable, local or global, as sensitive on the variable's property grid. A Sensitive Data variable is available that treats the value as a string. For more information see the Automation variables topic.
Check your knowledge with the following interaction.
This Topic is available in the following Module:
If you are having problems with your training, please review the Pega Academy Support FAQs.
Want to help us improve this content?