Encrypt Field
This page is no longer maintained (Nov 12, 2025). For the most current information, go to 
Encrypt Field
In this article
- 1 Overview
- 2 Snap Views
- 2.1 Account
- 3 Snap Settings
- 4 Examples
- 4.1 Encrypting and Decrypting Messages Using RSA Public and Private Key
- 4.2 Encrypt Field Snap Without An Account: Decrypting Data With Snowflake DECRYPT_RAW Function in AES/GCM/NoPadding
- 4.3 Encrypt Field Snap With Passphrase-based Key Account: Decrypting Data With Snowflake DECRYPT_RAW function in AES/GCM/NoPadding
- 4.4 Downloads
Overview
You can use this Snap to encrypt individual field values in the input documents.
Snap Type
The Encrypt Field Snap is a Transform-type Snap.
Prerequisites
None.
Support for Ultra Pipelines
Works in Ultra Tasks.
Snap Views
Type | Format | Number of Views | Examples of Upstream and Downstream Snaps | Descirption |
|---|---|---|---|---|
Input | Document |
| Any Snap with a document output view | Stream of documents with a nested or flat map data |
Output | Document |
| Any Snap with a document input view | Same as input documents with specified field values encrypted |
Error | This Snap has at most one document error view and produces zero or more documents in the view. | |||
Account
KeyStore account or Passphrase-based Key account can used.
Use KeyStore account for X.509 key or secret (symmetric) key.
If no account is selected, the Key property should have an expression to be evaluated with the input document or the Pipeline parameter.
Snap Settings
Field | Field Type | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Label Default Value: Encrypt Field | String | |||||||||||
Fields to encrypt Default Value: | String | Use this field set to define the field path. | ||||||||||
Field path* Default Value: | String | A table for JSON-path expressions to fields to encrypt. Use the suggest button to select the field to encrypt. | ||||||||||
Transform type
Default Value: auto
| String | The cryptographic transformation to perform, expressed as algorithm/mode/padding. Use the suggest button to select a desired transformation type. When set to auto the transformation will be automatically selected based on the type of encryption key using the following table:
| ||||||||||
Advanced Options |
| |||||||||||
Key
Default value: None | String | Specify a JSON path or select the path by enabling the expression field that the Snap must evaluate with input document or pipeline parameter. The result must be the base64, PEM-encoded key, or non-encoded RSA public key.
Example_BINARY_Encrypt Decrypt X.509 certificate from input document.
| ||||||||||
Initialization vector
Default value: None | String | JSON-path expression to be evaluated with input documents or pipeline parameters to be the base64-encoded initialization vector. Leave empty to generate one automatically. Note that the content of the initialization vector should be different for every encryption operation. Reusing IVs will make the encryption operation less secure.
| ||||||||||
Encapsulate output Default Value: Selected | Checkbox | If selected, encrypted fields are JSON-encoded and encapsulated between "ENC:" and ":ENC" strings. When unselected, the field to be encrypted will be replaced with an object with the output of the encryption operation as needed to perform the decryption. | ||||||||||
Snap Execution Default Value: Vallidate & Execute | Dropdown list | Select one of the following three modes in which the Snap executes:
| ||||||||||
Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2025 SnapLogic, Inc.