Maximo

Hello Team,

Is there any way to hide some attributes from an application while creating a report?

Suppose we go to the Users applications and click on Run Reports.
Then we select the Content and from available fields, we can select the Password field and run the report. The encrypted password can be seen in the report.


Is it possible to hide the Password field from Run Report so that it can never be selected and exported in a report?

Also, what type of encryption does Maximo use to encrypt the Maximo Password, Save Anywhere Password in Mobile Device & for encrypting an APIKEY.

Thanks in advance

------------------------------
SHASHANK .
------------------------------

#Maximo
#AssetandFacilitiesManagement

On the reporting object structure, you can exclude the column using the Exclude/Include fields action in the Object Structures application. That will prevent the user from selecting the column. NOTE: The "Exclude attributes mode" where only columns you specify on a table are available is only supported on Integration and will not work for a report.


As for the encryption, the 3 you called out are all a little bit different.

The Maximo password is a CRYPTOX column which is 1 way encrypted. For fields like the password what we do is encrypt the user provided value to see if it matches the encrypted value but we have no way to get back to the original value.

The APIKEY will depend on the system property (mxe.secureapikey) being enabled which was added in 7.6.1.2. If it's enabled (which it is by default), it is essentially like a CRYTPO column which is 2 way encrypted (meaning we can get back to the original plaintext version). Integration settings (such as endpoint passwords) are all CRYPTO instead of CRYPTOX because we need to be able to get them in plain text form to send to the original system. If you are on an earlier version or have it disabled, the API key in the database is actually the plain text version of the API key. I would not recommend utilizing API keys until 7.6.1.2.

Crypto & Crytpox actually can be configured for each environment. We have some documentation on that here: https://www.ibm.com/support/pages/changing-encryption-algorithm. Just be aware that changing these settings on an existing Maximo system will NOT update the existing records so you would need to do manual data cleanup in that scenario.  

For Mobile (Maximo Mobile or Anywhere), we take the username and password and turn that into an encryption key that unlocks the local database. This enables us to allow the user to login offline. I don't know if we've published the specifics about that encryption. 

------------------------------
Steven Shull
------------------------------

Original Message:
Sent: Tue August 02, 2022 04:38 AM
From: SHASHANK .
Subject: Is there a way to hide a persistent attribute from an object to not show in Available Fields list while creating an Adhoc Report of Content type?

Hello Team,

Is there any way to hide some attributes from an application while creating a report?

Suppose we go to the Users applications and click on Run Reports.
Then we select the Content and from available fields, we can select the Password field and run the report. The encrypted password can be seen in the report.


Is it possible to hide the Password field from Run Report so that it can never be selected and exported in a report?

Also, what type of encryption does Maximo use to encrypt the Maximo Password, Save Anywhere Password in Mobile Device & for encrypting an APIKEY.

Thanks in advance

------------------------------
SHASHANK .
------------------------------

#Maximo
#AssetandFacilitiesManagement