Not sure where you guys have input for feature requests/enhancements/upgrades but I have one that would be very useful.
Would like to have an option on schema editor when creating or editing columns for “secure” object. For me, I am doing financial apps with healthcare and have a requirement to enter and store sensitive data.
Ideal scenario is to mask sensitive fields in the console and to unmask need admin rights…
Hi Mark, I can be a little clearer. As admin I can create a user and set password in console, as soon as saved the password raw text is no longer displayed and assumably is also encrypted in database. I was just suggesting the option to do the same for fields I create so I can enter raw text in creating new object but that text will now be displayed in table. I suppose I could go to field_level security and only allow super_admin rights or something like that.
I’m still turning knobs and dials with your platform…Liking it!
Thanks for clarifying. Passwords are indeed hashed and salted, so retrieving the original “raw” value for a password is not possible (it is a one-way encryption). Suppose the same is possible for some other column. What good would it do if you cannot retrieve the original (raw) value?
Hello,
If i want to store some sensitive data in a table is there a way with backendless API to store them encrypted or i should do the encryption and decryption by myself?
Thanks.
If you want to protect sensitive data from retrieving (e.g. of other developers) you may use Role/User permissions for table or record.
If you are talking specifically about encryption/decryption – then no, Backendless has no integrated encryption mechanisms at this time.
I would like to learn a bit more about the use-case you envision, so I could suggest the best possible solution. Could you please describe what you’re trying to accomplish. I understand you want your objects to be stored encrypted, but I’d like to learn the ultimate goal. Some ideas I had in mind are:
Data can not be seen in the management console
Data can be retrieved in the decrypted format only when some special key is provided by the client app.