Settings Encryption Handler
Component Detail
Infrastructure
low complexity
backend
0
Dependencies
0
Dependents
2
Entities
0
Integrations
Description
Infrastructure utility providing AES-256-GCM encryption and decryption for sensitive organization settings fields such as integration API keys and external credentials. Wraps Node.js crypto module with a consistent interface, manages initialization vectors, and reads the platform encryption key from environment configuration. Used by Organization Service before persistence and after retrieval.
settings-encryption-handler
Responsibilities
- Encrypt string field values using AES-256-GCM with a random IV
- Decrypt previously encrypted values using the platform key and stored IV
- Expose a list of field names that require encryption for a given settings schema
- Fail safely with structured errors if the key is missing or data is malformed
Interfaces
encrypt(plaintext: string): EncryptedField
decrypt(encrypted: EncryptedField): string
getSensitiveFieldNames(): string[]
Related Data Entities (2)
Data entities managed by this component