Solved

Mask a parameter

  • 5 February 2024
  • 2 replies
  • 21 views
S
Userlevel 3
Badge +16

Hi,

I have a rule which calls another form and passes a paramater to it. Problem is, users can see that paramater in the browser URL and change it. Is there anyway of masking a paramater name and id displayed in browser?

Thanks,

icon

Best answer by Sharpharp1 9 February 2024, 09:44

View original

2 replies

S
Userlevel 2
Badge +4

Hi Sharpharp

The short answer is, this is not a feature in Nintex Automation on Prem (Old K2).  Unfortunately you will have to work around the problem.

Of the top of my head.

  1. If you have a task form only the user that the task is assigned to can access the task.  So by creating a parameter on the form called SN witch contains the task serial number accessible only by the required user you can read the parameter value through the Open A Worklist Item action and populate a control, SmartObject property or form/view Parameter(It wont show up in the browser URL).
  2. Build your solution to the problem.  Store what users have access to specific information as part of you solution.  Then Create rules that will evaluates the data and treat the situation accordingly.
  3. Underlying security.  If you are using SharePoint SharePoint permission can stop users from accessing information they should not see.  K2 uses OAuth when accessing SharePoint.  

Hope this helps

Francois
S
Userlevel 3
Badge +16

Hi,

Thanks for your reply, I was able to get around this issue by finding an old post which suggested avoiding parameters altogether and passing the vale to a View instead. -This way, the URL is generic and no additional info is visible.

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings