Software Engineer
Subscribe to the newsletter
In today’s data-driven business environment, safeguarding sensitive information is more important than ever. Microsoft Dynamics 365 Finance and Operations provides robust tools to help organizations meet data security and compliance requirements. One such feature is the ability to create encrypted fields, which ensures that critical data, such as personal identifiers or financial details, is securely stored and inaccessible to unauthorized users.
This guide walks you through the step-by-step process of creating an encrypted field in Dynamics 365 F&O using X++ code, enabling you to protect your data while maintaining seamless functionality. Whether you’re a developer or an IT administrator, this tutorial is tailored to help you implement encryption effectively.
What is an encrypted field?
An encrypted field is a database field designed to store sensitive information in an encrypted format. This means that even if someone gains unauthorized access to the database, they won’t be able to read the sensitive data without proper decryption. A common example in Dynamics 365 is the SMTP password field in the Email Parameters form. In the user interface, the password is masked (hidden from view), and in the database, it’s stored securely in an encrypted format.
What is the purpose of an encrypted field?
Storing sensitive data like passwords or personal information in plain text is a security risk. If your database is compromised, this data could easily be exploited. By encrypting such fields, you ensure that:
- Your data is protected from unauthorized access.
- The field content remains unreadable without the proper decryption key.
- Your application adheres to security best practices and compliance standards.
Getting started with encrypted field in Dynamics 365 for Finance and Operations
Now let’s see how encryption works under the hood and learn how to implement it in your tables and forms in Dynamics 365 Finance and Operations.
Encrypted fields in Microsoft Dynamics 365 Finance and Operations
Encrypted fields are not stored as plain text in the database. Instead, their values are encrypted using a specific key, and the encrypted data is saved.
It’s important to note that each environment has its own unique encryption key. As a result, when data from one environment (e.g., Production) is refreshed into another (e.g., Sandbox or Development), the values of encrypted fields cannot be decrypted because the keys are different.
Steps for creating an encrypted field
To add a new field to a form in Dynamics 365 Finance and Operations, the first step is to create the field in the corresponding table. In this example, we’ll add an encrypted field to the RetailParameters table and display it on its form.
Step 1: Extend the table
- Create a table extension: In your model, extend the RetailParameters table.
2. Add the encrypted field:
- Go to the EDTs in the AOT.
- Locate the EncryptedField EDT.
- Drag and drop the EncryptedField EDT into your RetailParameters table extension.
3. Rename the field: Assign a meaningful name to your new field. For example, we’ll name it EncryptedField as given in the following screenshot.
Step 2: Add a code extension
To handle encrypted fields effectively, you need methods to encrypt and decrypt the field content. These methods will allow the field to function properly on forms, where the encrypted data will be presented as editable text.
Create a code extension for RetailParameters:
Extend the RetailParameters table in your model.
[ExtensionOf(tableStr(RetailParameters))]
final class RetailParameter_Extension
{
public edit Name EncryptedNameEdit(boolean _set, Name _value)
{
return Global::editEncryptedField(this, _value, fieldNum(RetailParameters, EncryptedField), _set);
}
}
When working with encrypted fields, a regular edit method is used, but it leverages existing system methods to handle encryption and decryption securely. Specifically, the Global::editEncryptedField method is called, which internally invokes the Appl class’s kernel methods, EncryptForPurpose and DecryptForPurpose, to handle the actual encryption and decryption operations.
Step 3: Add the field to the form
Now that the encrypted field is set up in the table and the required methods are implemented, the final step is to add it to the form. This will ensure that the field is displayed and functions properly in the UI. To add a field to the form, follow these steps:
- Open the form: Open the form where you want to display the encrypted field (e.g., RetailParameters).
- Add a new string field: Right-click on the form’s Design node and add a new String Control.
- Set the Data Source property of the control to the RetailParameters table.
- Set the Data Method property to RetailParameter_Extension.EncryptedNameEdit.
- Set the property Password Style to Yes. All the properties are shown in the figure below.
3. Check the field data type: If the base data type of your field is not a string, you’ll need to use a control that matches the field’s data type.
For example:
Use a Real Control for a field based on a real data type.
Use an Integer Control for integer fields.
4. Compile and Synchronize: After adding the field, compile your project and synchronize the database to ensure all changes are applied.
Step 4: View the field in the UI
Once the synchronization and compilation are complete, open the form in the application. You should now see the new encrypted field. When you enter or edit data in the field, it will be encrypted before being saved to the database and decrypted when displayed in the form.
Now open the form and the field is visible here.
Now enter the values and it will be inserted in Database in encrypted form. Select the values from the database in SQL server.
Summing up
Adding encrypted fields into Microsoft Dynamics 365 Finance and Operations is a critical step toward ensuring data security and compliance. Now that you know how does encryption work, following the outlined process, you can safeguard sensitive information while maintaining system efficiency. For further assistance or advanced customization, don’t hesitate to reach out to our team at marketing@confiz.com.
