
Securely Handling Sensitive Information in Workflows

Open sfmskywalker opened this issue 5 months ago • 1 comments

We need the ability to manage the display & logging of sensitive information, like connection strings and other sensitive information.

This feature needs to ensure that sensitive data is never stored, yet is still accessible for the workflow's operation, and is essential for maintaining the integrity and confidentiality of data.

Related issues

  • [x] #4991

sfmskywalker avatar Feb 24 '24 18:02 sfmskywalker

@sfmskywalker I found this, might be related? https://github.com/elsa-workflows/elsa-core/issues/221

Our product team is beginning work on storing sensitive data outside of Elsa's core database and using an activity to set transient variables (Elsa 2 language) for use within the workflow.

Some of our considerations include:

  • Identity pass-through to ensure the given workflow identity or workflow initiating user identity can be validated and any claims/roles evaluated based on intended action.
  • Sensitive values are masked or never logged (even accidentally).
  • We can retrieve, add, or remove secrets via API.
  • Secrets have expiration metadata and all secret data is stored separately from the workflow database (e.g. different data store like Azure Key Vault, or MySQL).

Personally, I would be most interested in a way to mark values as sensitive (attribute for classes) or checkbox for variables in the designer. This would address data leakage concerns while giving us flexibility to build activities that may retrieve sensitive values.

While some of these are not concerns of Elsa, is there somewhere we could look and possibly create a PR?

dwoldo avatar Mar 18 '24 23:03 dwoldo
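
One way the "mark values as sensitive (attribute for classes)" idea from the comment above could work, as an added example that is not part of the thread and not Elsa's API: `SensitiveAttribute`, `LogRedactor`, `SqlQueryInput` and `RetryOptions` are hypothetical names, and the connection string is a constructed value.

```csharp
#nullable enable
using System;
using System.Collections;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Text.Json;

// Constructed sample input; the connection string is a made-up value.
var input = new SqlQueryInput { Query = "SELECT 1", ConnectionString = "Server=db;Password=constructed" };
Console.WriteLine(JsonSerializer.Serialize(LogRedactor.ToLogSafe(input)));

// Hypothetical marker attribute (assumption, not an Elsa type).
[AttributeUsage(AttributeTargets.Property)]
public sealed class SensitiveAttribute : Attribute { }

public sealed class SqlQueryInput   // hypothetical activity input
{
    public string Query { get; set; } = "";
    [Sensitive] public string ConnectionString { get; set; } = "";
    public RetryOptions Retry { get; set; } = new();
}
public sealed class RetryOptions    // nested type, to show the walk is recursive
{
    public int MaxAttempts { get; set; } = 3;
    [Sensitive] public string? ProxyPassword { get; set; }
}

public static class LogRedactor
{
    // Builds a log-safe copy of an object graph. Properties marked [Sensitive] are
    // replaced by a mask before the value reaches a serializer or a log sink.
    public static object? ToLogSafe(object? value, int depth = 0)
    {
        if (value is null || depth > 8) return null;   // depth cap: deeper values are dropped, cycles terminate
        var type = value.GetType();
        if (type.IsPrimitive || type.IsEnum || value is string or decimal or DateTime or Guid) return value;
        if (value is IEnumerable items)                 // lists, arrays, dictionaries
            return items.Cast<object?>().Select(i => ToLogSafe(i, depth + 1)).ToList();
        var safe = new Dictionary<string, object?>();
        foreach (var p in type.GetProperties(BindingFlags.Public | BindingFlags.Instance))
        {
            if (!p.CanRead || p.GetIndexParameters().Length > 0) continue;
            // The getter of a sensitive property is never called, so the secret is not even read.
            safe[p.Name] = p.IsDefined(typeof(SensitiveAttribute), inherit: true)
                ? "***" : ToLogSafe(p.GetValue(value), depth + 1);
        }
        return safe;
    }
}
```

The mask only protects values that pass through `ToLogSafe`; a secret interpolated into an exception message or a free-text log line is not covered by it.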