Decrypt Data action

Feature coming soon

The Decrypt Data action adds an extra layer of security and enables you to decrypt data in Architect flows by using your own encryption key. This action is useful for decrypting PCI data before you call a data action to a back-end system. Before you begin, make sure that you configure an AWS KMS symmetric key within Genesys Cloud. For more information, see Use an AWS KMS symmetric key for encryption and decryption.

This action is available in the Customer Secured Data menu in the task editor Toolbox. Use this action in all flow types, excluding bot flows.

Action Description and use


Type a meaningful name for the action. The label you enter here becomes the action’s name displayed in the task sequence.

Data to Decrypt

The encrypted string value to decrypt back to a JSON value. To enter the encrypted string value, perform one of these steps

  • Enter the string value in the Enter expression box.
  • Click the Expression Modes button , click Expression , and enter an expression to represent the data to decrypt.
  • Click the Expression Modes button , click Expression , click Large expression editor and in the Edit ‘Data to Encrypt’ expression editor, enter the value to decrypt.

Architect generates encrypted string values from the Encrypt Data action. If you supply a NOT_SET string value or a blank String value to the action at runtime, execution takes the Failure output with an error reason string value of NoDataSupplied.

Decrypted Data

Enter a variable name to hold the decrypted JSON value from the supplied encrypted string value.

Failure Outputs

Failure outputs include these fields:

  • errorType: A nonempty String that contains the type or category of the error. The allowable values are:
    • CustomerKeyNotConfigured
    • CustomerKeyNotFound
    • GeneralError
    • MaximumDataSizeExceeded
    • NoDataSupplied
  • errorMessage: A non-localized error message. The String may be empty or NOT_SET.

Define success, failure, and output paths

Name Description

This path indicates that the action successfully communicated with its external endpoint and received a result. Drag the appropriate action below the Success path that follows the route you want the interaction to take. 

Note: A completed Success path indicates that no errors were encountered during the process. It is not a measure of whether the data received is the intended result or functionality.


This path indicates that an error occurred while running the action or a problem occurred while processing the results from a data action. Drag the appropriate action below the Failure path and direct the route you want the interaction to take.  

Note: If the network experiences connectivity issues, the action automatically takes this failure path.