The Encrypt Message policy helps in encrypting messages before sending them to the target endpoint or an API consumer. Encryption is done based on a key (user-defined) and an algorithm.


The properties that have to be configured to use the policy are described below.

Figure 1: Encrypt Message Policy Configuration 

Encryption AlgorithmSelect the algorithm to be used for encryption. The supported algorithms are DES, Base64, TripleDES, AES256, AES128, RC2-40, RC2-64, and RC2-128.
Encryption KeySpecify the key which is used to encrypt the incoming data. Specify 32 digit key for AES256, 16 digit key for AES128, 16 digit key for DES, 24 digit key for TripleDES, 5 digit key for RC2_40, 8 digit key for RC2_64 and 16 digit key for RC2_128
Allow Padding to keyEnable this property to allow padding to the key to make the exact value to be required for the mentioned algorithm. It has to be chosen only when the encrypted data key is also padded.
Initialization VectorMention the unique 64 bit input used in the encryption.


This example illustrates the encryption of Target Response message.


Decryption of Proxy Response message is explained in the Decrypt Message section.

When Encrypt Message policy is not configured, the response for the request:

 will be

{"Envelope": {"Body": {"ConversionRateResponse": {"ConversionRateResult": "0.0157"}}}}

Create an Encrypt Message policy with the default configuration and add it to Target Response scope.

The response after this configuration is displayed below:


Refer to the example in the Decrypt Message section for decryption of the Proxy Response message

Adaptavist ThemeBuilder EngineAtlassian Confluence