KB-1527 How to access Secure Credential Store values from servlet plugins


When developing custom servlet plugins, there are certain use cases that require access to the Third Party Credentials Store (SCS) in order to achieve an integration or specific business use case. Currently, direct access to the SCS is not supported in servlet plugins. This article details a workaround that uses a Cloud supported approach to gain access to SCS values from inside the servlet.


  1. Create a servlet plugin scaffold as per the documentation.
  2. Create the following function:
    public String getSecureCredentialValue(
    ServiceContext sc,
    SecureCredentialsStore scs,
    @Parameter String systemKey,
    @Parameter String fieldKey
    ) {
    try {
    Map<String, String> credentials = scs.getSystemSecuredValues(systemKey);
    String fieldValue = credentials.get(fieldKey);
    return fieldValue;
    } catch (Exception e) {
    return null;
  3. In the servlet, create the variable SYSTEM_KEY and FIELD_KEY that match the configurations in the environments SCS.
  4. In the servlet, implement the following:
    ServiceContext context = WebServiceContextFactory.getServiceContext(req);
    ProcessDesignService pds = ServiceLocator.getProcessDesignService(context);
    String scsFunction = String.format("getSecureCredentialValue(\"%s\",\"%s\")", SYSTEM_KEY, FIELD_KEY);
    TypedValue scsCallResult = pds.evaluateExpression(scsFunction);
    String value = scsCallResult.getValue().toString();
  5. The value variable will now hold the credential and is ready to be used.

Note: The provided code are examples and should be updated to conform to best practices regarding logging and exception handling.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: March 2018