Decrypting data flow

At times data that is encrypted by Forcepoint ONE SSE in an app is moved to another app. Data will need to be decrypted before it is sent or else the new application will not be able to interpret the data.

To do so, you will need to create a new API app to setup a decrypt endpoint so encrypted data can move through the Forcepoint ONE SSE API proxy and be decrypted.

Steps

  1. To begin we will need to add another API app. Follow the instructions under the Creating Any API Gateway.
  2. In the API app settings, add a new endpoint by clicking the green plus icon.


  3. Enter a Name.


  4. Enter the Request URI data will be moving to.
  5. Select the Format (should be JSON or XML).
  6. Select Decrypt Inline and then click Upload to enter a sample request.
  7. Add Match on Requests if you'd like it to only decrypt for specific posts, otherwise leave blank and just configure the field mapping with the specific JSON Path requests you want decrypted.


    Now you have your decryption API endpoint.

  8. When moving data from an app with encrypted data to another app, make sure you are using this new apps endpoint domain URL similar to above.

    For this example ours would be https://bg-7j7ct34mj7-964.api.bitglass.onpremise2.net/api/now/table/incident combining the Forcepoint ONE SSE domain URL given to us on the settings page appended with the Request URI.