Project secrets encryption

Encrypt sensitive data contained in projects within a specific organization.

Requirements

To encrypt project secrets, while creating a project or saving an existing project:
  • Log on to
    FactoryTalk Hub
    in
    FactoryTalk Optix Studio
    .
  • Be a part of an organization.
  • Select
    Encrypt secrets
    .

Encryption scope

FactoryTalk Optix
:
  • Encrypts passwords in projects.
  • Encrypts custom objects with the Password DataType.
  • In the project
    YAML
    files, which represent the project information model, replaces
    Value
    nodes with
    SecretValue
    nodes with encrypted text values.

Projects with encrypted secrets

FactoryTalk Optix
handles encrypted projects in a variety of ways:
  • Opening an encrypted project when you do not have access to the organization used to create the project blanks all project secrets.
  • Saving an encrypted project as an unencrypted project removes all secrets.
    TIP: User passwords are not considered secrets and are not encrypted with FactoryTalk Hub key.
  • Deploying an encrypted project to an unencrypted client displays a warning message. For more information, see Project encryption on a target device.
  • Pasting an object from an encrypted project to an unencrypted project blanks the secrets.
  • Adding an object to the Template Libraries in an encrypted project blanks the secrets.
  • Pasting a password as a text to the clipboard is disabled in encrypted projects.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.