Decoding bubble AES data in a repeating group

I have encoded data in a bubble database but I would like to encode it and show it in a repeating group. Any tips for this? I can decode it with a single element using plugins but not on a repeating group.

Also, I tried to use HMAC SHA1 for decoding and encoding and display decoded text with :formatting that is build in Bubble but I get this value “HMAC Digest computation on the client” instead of decoded text. What am I missing here?

What you are missing is that it is not secure to run the HMAC algorithm on the client side (in the browser) so Bubble throws that error when you try that.

The computation should be done in a server side workflow (API Workflow).

Ok i know how to run API workflows but is there a easy way to decrypt it via API workflow and show it on a repeating group?

Hi @keith,

How do you manage this with Toolbox’s server script and AES256? I looked at the Toolbox’s serverscript examples and kept getting a bubble side error when running. Does bubble support crypto or am I doing something wrong when setting up the node script as per the screen shot below?

It would be great to know how to do this and move behind HMAC. I’ll show everything how to setup a vault and bring in their key securely to bubble for encryption / decryption.

Thank you,

Hey @gilles, I have not personally done much with this sort of thing. However, I did encounter it once and I do have a video where I talk a bit about this in a real world context (setting up Amazon Product Search API).

That video can be found here:

Encrypting a signature for authentication to this API is discussed briefly. This is a LOT of content to wade through for that, but I do touch on it (somewhere around 30 - 45 minutes in is probably where this happens.


1 Like

Sounds like there is no easy solution for this. I can buy a coffee for somebody who can come up with an instructions.

Thanks @Keith - I took a quick glance and there’s some interesting aspects to this video. Will watch in detail with a glass of wine.

@boostsalesgroup - Mark - let’s loop in @mishav. @mishav - is there a way to get AES256 working as a script in toolbox (server script)? I grabbed the script of off and, in the screen shot in a few discussions above, tried to get it working in toolbox. However, keep getting the standard bubble “an error has occurred”. Does toolbox support crypto / does it have that library?

Thank you -

Well, it’s not particularly hard. But the trick if you want to decode directly into an RG is basically as follows:

  1. Create an API endpoint for decryption. Set it up so that it takes a single encrypted string (this is just going to be a text). You could call it code in your case, right?

  2. It has one workflow action: Return data from API. The data it returns is the text you passed decrypted: code:formatted as HMACblahblahblah (fill in the options).

  3. Now, go to the API Connector and configure a connection to your own app’s API. I actually walk through this weird idea in that video about Amazon Product API and show you how that’s done.

  4. In your RG, you will have a text element that displays Get data from an API (config as your decryption endpoint) – this will cause your decrypted text to be returned and displayed in the text element. (but all of the decryption will have happened securely server-side)

Requirements: You must have access to API Workflows (I believe this means your app must be on a paid account). You must also know how to config the API Connector (I actually think even if you have zero experience with the API Connector that if you watch the video I point to, you’ll grok the concept.) You will of course also want to configure an access token for your app (that’s in settings) that you can use for your own API call (you’ll see me discuss that in the video) as of course you do don’t want to just leave that endpoint exposed and not require authentication (the whole point of what you’re trying to do – unless you’re just messing around – is to make the encryption/decryption secure and not expose the key or the data you are desiring to store in encrypted form).

it’s entirely possible and only moderately difficult to set this up. (Consider: what I’m describing above is just one small part of connecting to the Amazon Product Search API – THAT was a thing that was hard [in total], working out how to do proper HMAC encrypt/decrypt on the server was just a small bit of mind-bending, but once you see it done, it’s easy to understand.)

1 Like

Hey @keith, I was able to set this up but I was having a problem actually decoding the text with an api call.

I have a text “12345” that is SHA1 encoded with a secret “TEST” = f83fbe6151aaed6a5206b283c862f275b823292d

When I run an api call it’s not decoded correctly. Is this the right way to do decoding on the server side?

Can’t tell from this image. What you want to do is return decrypted string of encrypted data, using the encryption key.

Are you doing that?

I think so but I might be missing something. I will send you a PM and maybe you can take a look.

Maybe I’m getting this wrong and SHA can not be decoded? I don’t know much about decryption so maybe that is the issue.

Do you know if there is a way to decrypt AES on a server side?

Hey! Were you able to figure out how to do AES encrypting and decrypting on a server side?

Have it in the back burner now. Will be try building something in early April. Will update our threads once I try.


I have encryption and decryption implemented with webtask but it does have performance limitations and not that great for production. Has anybody used Amazon Lambda? How to set it up? or is it better to use bubble server side actions now?

This topic was automatically closed after 70 days. New replies are no longer allowed.