1. Mobile Plugin Framework
  2. Sensitive Data

Sensitive Data

You can set key-value pairs of sensitive data that is securely stored by Oracle Fusion Field Service on both, client and server sides. Examples of sensitive data include passwords and endpoints for Oracle Fusion Field Service Core API or external APIs.

Sensitive data is passed to the plugin through the plugin API in decrypted form, so the plugin can access APIs or third-party services without having to store and secure the credentials. The plugin stores the sensitive data in a JavaScript variable every time it receives a message from Oracle Fusion Field Service. Changes to this data are sent to Oracle Fusion Field Service during the next synchronization. This data is sent to the plugin when the next message is sent. The plugin also receives the up-to-date data with every message.

Configure Sensitive Data

You add sensitive information in the Secure parameters section on the Configuration > Forms & Plugins > Add/Modify plugin page. You can add up to 20 key-value pairs. When the plugin is modified, JSON is read from the database, decrypted, parsed, and displayed as key-value text box pairs, maintaining original order. Key and values are validated against length limitations in this way:

  • Key-value pairs are translated to JSON.

  • Length of the resulting JSON string (in bytes) is displayed on the page.

  • If the length exceeds 5 KB, a warning message is shown.

Additionally, to prevent request forging, the resulting string is validated on the server to be:

  • Valid JSON string

  • Has correct format

  • Doesn't exceed length limit

If these requirements aren't met, a warning message is shown. Each message sent by Oracle Fusion Field Service Core Application to a plugin, where the method is one of the supported methods, contains the field securedData. Format of the messages for other methods, for example, 'error' does not change. The message contains securedData, if at least one key-value pair is configured on the Configuration > Forms & Plugins > Add/Modify plugin page.

Supported Methods

The securedData parameter is available for the messages of init, open, and wakeup methods.

Format of securedData

securedData is an object, where:

  • Each key is a String, which equals to the contents of "key" text input on the Add/Modify plugin page.

  • Each value is a String, which equals to the contents of "value" text input for the corresponding key on the Add/Modify plugin page.

  • Order of entries is not guaranteed to be identical to the order of key-value pairs on the Add/Modify plugin page.

Example of open method data for Supervisor Plug-in

If your configuration is as given in the screenshot:
This screenshot shows the Secure parameters section on the Add/Modify plugin page.
Here's the message the plugin receives when opened:
{
    "apiVersion": 1,
    "method": "open",
    "entity": "activityList",
    "resource": {
        "external_id": "33001",
        "manager": "admin"
    },
    "activityList": {
        "4224031": {
            "aid": "4224031"
        }
    },
    "inventoryList": {
        "21064417": {
            "invid": "21064417"
        }
    },
    "securedData": {
        "ofsInstance": "sunrise.test",
        "ofsRestEndpoint": "https://<instance_name>.fs.ocs.oraclecloud.com/rest/",
        "ofsRestClientId": "sample_app",
        "ofsRestClientSecret": "d1e0f03636747b968cd66ead50bd53984e1f1393a3e1503c4e4be9421be00aa5"
    }
}