
Using the Crypto App in OttoKit

Want to secure your workflows with enterprise-grade cryptography? The Crypto App brings hash generation, digital signatures, data encoding, and secure random value creation directly into your automations. Hash sensitive data, authenticate messages, create encrypted signatures, or generate UUIDs and passwords, all built into OttoKit.

From integrity verification to API authentication, you get access to industry-standard cryptographic operations without wrestling with code libraries or third-party services. Everything runs natively in your workflow, keeping your sensitive operations contained and secure.

Note: This integration performs cryptographic operations only. Always keep private keys and secret keys secure and never expose them in public workflows.

Actions in the Crypto App

1) Hash Data

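Generate cryptographic hashes for data integrity and verification, suited to checksums, file verification, or password storage. For password storage specifically, a fast SHA hash should be combined with a per-user salt and key stretching, or replaced by a dedicated password-hashing function such as bcrypt, scrypt, or Argon2.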

To hash data:

  1. Add a new action to your workflow.
  2. Search for Crypto and select it.
  3. Choose Hash Data.
  4. Click Continue to open the Configure tab.
  5. Fill in the fields:
    • Data to Hash (required) – The data you want to hash. Can be text, JSON, or any string data.
  6. Click Show Optional Fields for additional configuration:
    • Algorithm – The cryptographic algorithm to use (select from the SHA options provided).
    • Output Format – The format for the output (Hexadecimal or Base64).
    • Input Encoding – The encoding of the input data (UTF-8 text, base64 encoded, hexadecimal).
  7. Click Continue to open the Test Step tab.
  8. Click Test to generate your hash.
  9. If everything looks good, click Save.

2) Generate HMAC

Generate a Hash-based Message Authentication Code for message authentication and integrity—ideal for API security, webhook verification, and data validation.

To generate HMAC:

  1. Add a new action.
  2. Search for Crypto.
  3. Select Generate HMAC.
  4. Click Continue.
  5. Fill in the fields:
    • Message (required) – The message data to generate HMAC for. This can be any text, JSON, or string data.
    • Secret Key (required) – The secret key used for HMAC generation. Keep this key secure and private.
    • Algorithm (required) – The cryptographic algorithm to use (select from HMAC-SHA options).
    • Message Encoding (required) – The encoding of the input data (UTF-8 text, base64 encoded, hexadecimal).
    • Key Encoding (required) – The encoding of the secret key (UTF-8 text, base64 encoded, or hexadecimal).
  6. Click Test, then Save.

3) Generate Random Data

Generate secure random data, including bytes, strings, UUIDs, and passwords, perfect for creating tokens, session IDs, or secure credentials.

To generate random data:

  1. Add a new action.
  2. Search for Crypto and choose Generate Random Data.
  3. Click Continue.
  4. Fill in the fields:
    • Random Data Type (required) – The type of random data to generate (Random string, Random Bytes, Random ASCII, UUID v4, Secure password).
    • Length – Length of the random data (1-1024). For UUID, this field is ignored.
    • Output Format – Output format for random bytes (Hexadecimal or Base64).
    • Include Symbols – Include special symbols in the random string (No or Yes).
    • Password Options – Password generation options for complexity and readability.
    • ASCII Range – ASCII character range for random generation.
  5. Click Test and Save.

4) Encode Data

Encode data using various encoding schemes like Base64, Hexadecimal, or URL encoding—great for API transmission, data obfuscation, or format conversion.

To encode data:

  1. Add a new action and select Encode Data.
  2. Configure the fields:
    • Data to Encode (required) – The data you want to encode. Can be text, JSON, or any string data.
  3. Click Show Optional Fields:
    • Encoding Type – The encoding scheme to use for the data (Base64, Hexadecimal, or URL encoding).
    • Input Format – The format of the input data for proper handling (Plain text, JSON, binary).
    • Output Options – Output formatting options for the encoded data (Standard, URL safe, no padding).
  4. Click Test and Save.

5) Decode Data

Decode data from various encoding schemes like Base64, Hexadecimal, or URL encoding—essential for processing encoded API responses or encrypted data.

To decode data:

  1. Add the action and select Decode Data.
  2. Configure:
    • Encoded Data (required) – The encoded data you want to decode.
  3. Click Show Optional Fields:
    • Encoding Type – The encoding scheme used for the input data (Base64, Hexadecimal, or URL encoding).
    • Output Format – The desired output format for the decoded data (Plain text, JSON, base64, hexadecimal).
    • Input Variant – The variant of Base64 encoding used (Standard base64, URL-Safe base64, base64 without padding).
    • Validation – How to handle potentially invalid input data (Strict or Lenient).
  4. Click Test and Save.

6) Generate Key Pair

Generate RSA public and private key pairs for cryptographic operations—perfect for secure authentication, data encryption, and digital signatures.

To generate a key pair:

  1. Add the action and choose Generate Key Pair.
  2. Configure:
    • Key Size (required) – RSA key size. Larger keys are more secure but slower to generate and use.
    • Key Format (required) – Output format for the keys. PEM (Privacy Enhanced Mail) is the standard format for RSA keys.
    • Include Key Metadata – Include key fingerprint and other metadata in the response (Yes or No).
  3. Click Test and Save.

7) Sign Data

Generate digital signatures for data authentication and integrity—ideal for document verification, API authentication, and secure transactions.

To sign data:

  1. Add the action and select Sign Data.
  2. Configure:
    • Data to Sign (required) – The data you want to sign. This can be any text or binary data.
    • Private Key (PEM Format) (required) – RSA private key in PEM format. This key should be kept secure and never shared.
  3. Click Show Optional Fields:
    • Signature Algorithm – The signature algorithm to use. SHA256 or higher is recommended for security.
    • Output Format – Output format for the signature. Base64 is more compact, while hex is easier to read (Base64 or Hexadecimal).
  4. Click Test and Save.

8) Verify Signature

Verify digital signatures to authenticate data integrity and origin—essential for validating signed documents, API requests, and secure communications.

To verify a signature:

  1. Add the action and choose Verify Signature.
  2. Configure:
    • Original Data (required) – The original data that was signed. Must match exactly what was signed.
    • Signature (required) – The signature to verify. Can be in Base64 or Hexadecimal format.
    • Public Key (PEM Format) (required) – RSA public key in PEM format. This should match the private key used to sign the data.
  3. Click Show Optional Fields:
    • Signature Algorithm – The signature algorithm used to sign the data. Must match the algorithm used during signing (select from RSA-SHA options).
    • Signature Format – The format of the provided signature.
  4. Click Test and Save.

Practical Use Cases

Below are three practical examples that show how to put the Crypto App to work.

Verify an Incoming Webhook Request

Scenario: Your workflow is triggered by a webhook from a third-party service, such as a payment processor or form tool. To make sure the request is genuine and has not been tampered with, you can use the Generate HMAC action in the Crypto app to verify the signature. Most services sign their webhook payloads with a secret key. If the HMAC you generate matches the signature sent in the request header, the request is legitimate, and your workflow can proceed safely.

Step 1: Set Up the Trigger

  1. Create a new workflow in OttoKit.
  2. Click the trigger area and select Webhook as the trigger app.
  3. OttoKit will generate a unique webhook URL for your workflow. Copy this URL and paste it into the webhook settings of your third-party service.
  4. Send a test event from the service to trigger the webhook.
  5. Once the test data arrives in OttoKit, click Save Trigger. Make sure the sample data includes the request payload and the service’s signature header.

Note: The signature value is usually found in the webhook request headers. Check the documentation of your third-party service to find the exact header name, for example, X-Signature or X-Hub-Signature-256.

Step 2: Add the Crypto App

  1. Click the + button below the trigger.
  2. Search for Crypto and select it.
  3. Choose Generate HMAC as the action.
  4. Click Continue to open the Configure tab.
  5. Fill in the fields:
    • Message (required) – Map the raw webhook payload from the trigger (the request body).
    • Secret Key (required) – Enter the secret key provided by your third-party service. Keep this value secure.
    • Algorithm (required) – Select HMAC-SHA256. This is the most widely used algorithm for webhook verification.
    • Message Encoding (required) – Select UTF-8 text.
    • Key Encoding (required) – Select UTF-8 text.
  6. Click Continue, then click Test. The output will include a generated HMAC hash value.
  7. Click Save.

Step 3: Compare the HMAC to the Incoming Signature

  1. Click the + button below the Crypto step.
  2. Search for Branch and select the Branch app.
  3. Click Continue to open the Configure tab.
  4. Set up the condition as follows:
    • Condition – Map the HMAC output from the Crypto step.
    • Operator – Equals.
    • Value – Map the signature value from the webhook trigger header.
  5. Click Test Condition, then Save.
  6. On the Yes path (the HMAC matches the signature), add your next action, such as creating an order or updating a record.
  7. On the No path (the signatures do not match), you can add a step to log the invalid request or stop the workflow without taking any action.
  8. Click Publish Workflow.

That is it. Now every incoming webhook is verified before your workflow takes any action. Requests that do not pass the check are handled separately.
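
The same check outside OttoKit, as an added Python example (not OttoKit's code) for cross-checking what the Generate HMAC and Branch steps should produce. The function names, the sample secret and body, and the `sha256=` header prefix are assumptions; it shows why the raw body, the key encoding, and the header format must all line up before an equality test can pass.

```python
import base64
import hashlib
import hmac
import json

def to_bytes(value: str, encoding: str) -> bytes:
    """Interpret a field per its Message Encoding / Key Encoding choice."""
    if encoding == "utf8":
        return value.encode("utf-8")
    if encoding == "hex":
        return bytes.fromhex(value)
    if encoding == "base64":
        return base64.b64decode(value, validate=True)
    raise ValueError(f"unsupported encoding: {encoding}")

def generate_hmac(message, key, message_encoding="utf8", key_encoding="utf8"):
    """HMAC-SHA256 as lowercase hex (hypothetical mirror of the action's fields)."""
    mac = hmac.new(to_bytes(key, key_encoding),
                   to_bytes(message, message_encoding), hashlib.sha256)
    return mac.hexdigest()

def signature_matches(raw_body: str, header_value: str, secret: str) -> bool:
    """Normalize a hex signature header, then compare in constant time."""
    received = header_value.strip().lower()
    if received.startswith("sha256="):  # prefix some providers add (assumed here)
        received = received[len("sha256="):]
    expected = generate_hmac(raw_body, secret)
    return hmac.compare_digest(expected.encode(), received.encode())

# Constructed sample data, not taken from any real service.
SECRET = "constructed-demo-secret"
RAW_BODY = '{"event":"order.paid","amount":4200}'
HEADER = "sha256=" + generate_hmac(RAW_BODY, SECRET).upper()

def demo():
    reserialized = json.dumps(json.loads(RAW_BODY))  # parsed, then re-encoded
    return {
        "raw_body": signature_matches(RAW_BODY, HEADER, SECRET),
        "reserialized_body": signature_matches(reserialized, HEADER, SECRET),
        "plain_equals": generate_hmac(RAW_BODY, SECRET) == HEADER,
        "hex_key_read_as_utf8": generate_hmac(RAW_BODY, "6b6579")
        == generate_hmac(RAW_BODY, "6b6579", key_encoding="hex"),
    }

if __name__ == "__main__":
    print(demo())
```

Only the first result is true: a re-serialized body, an unstripped prefix or different hex case, and a key read with the wrong encoding each produce a mismatch even though the request is genuine.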

Generate a Secure Password for a New User Account

Scenario: When a new customer registers on your platform, you want to automatically generate a strong, secure password and send it to them by email. The Generate Random Data action in the Crypto app creates a secure password in seconds, without any manual setup or guesswork.

Step 1: Set Up the Trigger

  1. Create a new workflow in OttoKit.
  2. Click the trigger area and search for SureCart (or your preferred platform).
  3. Select New Customer as the trigger event.
  4. Connect your account.
  5. Click Save Trigger, then Fetch Data to load a sample customer record. This loads the customer’s email and name that you will use in the email step.

Step 2: Add the Crypto App

  1. Click the + button below the trigger.
  2. Search for Crypto and select it.
  3. Choose Generate Random Data.
  4. Click Continue.
  5. Fill in the fields:
    • Random Data Type (required) – Select Secure password.
    • Length – Enter 16 for a 16-character password.
    • Include Symbols – Select Yes for stronger security.
    • Password Options – Set your preferred options for complexity and readability.
  6. Click Continue, then click Test. The output will show a generated secure password.
  7. Click Save.

Step 3: Email the Password to the New User

  1. Click the + button below the Crypto step.
  2. Search for Gmail (or your preferred email app) and select Send Email.
  3. To: map the customer email from the trigger.
  4. Subject: Your Account Has Been Created.
  5. Body: type your welcome message and use @ to map the Generated Password output from the Crypto step. For example: Welcome! Your temporary password is: [map password here]. Please log in and change it as soon as possible.
  6. Click Test, then Save.
  7. Click Publish Workflow.

That is it. Now every new customer account automatically gets a secure password generated and emailed to them the moment their account is created.

Create a Unique Verification Token for New Users

Scenario: When a new user registers on your WordPress site, you want to send them an email with a verification link. The link needs a unique, hard-to-guess token so that only the right person can verify their account. The Generate Random Data action in the Crypto app can generate a UUID v4, a universally unique identifier, that you save to the user profile and include in the verification link automatically.

Step 1: Set Up the Trigger

  1. Create a new workflow in OttoKit.
  2. Click the trigger area and search for WordPress.
  3. Select User Registration as the trigger event.
  4. Connect your WordPress site.
  5. Click Save Trigger, then Fetch Data to load a sample user record. Make sure the sample includes the user ID and email.

Step 2: Add the Crypto App

  1. Click the + button below the trigger.
  2. Search for Crypto and select it.
  3. Choose Generate Random Data.
  4. Click Continue.
  5. Random Data Type (required): select UUID v4. No other fields are required for UUID generation.
  6. Click Continue, then click Test. You will see a unique UUID in the output, for example: a1b2c3d4-e5f6-7890-abcd-ef1234567890.
  7. Click Save.

Step 3: Save the Token to the User Profile

  1. Click the + button below the Crypto step.
  2. Search for WordPress and select Set User Meta.
  3. User ID: map the user ID from the trigger.
  4. Meta Key: type verification_token.
  5. Meta Value: map the UUID output from the Crypto step.
  6. Click Test, then Save.

Step 4: Send the Verification Email

  1. Click the + button below the Set User Meta step.
  2. Search for Gmail and select Send Email.
  3. To: map the user email from the trigger.
  4. Subject: Please Verify Your Email Address.
  5. Body: type your message and include the verification link. Use @ to map the UUID from the Crypto step into the URL. For example: Click here to verify your account: https://yourwebsite.com/verify?token=[map UUID from Crypto step].
  6. Click Test, then Save.
  7. Click Publish Workflow.

That is it. Now every new user registration automatically generates a unique verification token, saves it to their WordPress profile, and sends them a verification email with their personal link.
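
The workflow above issues the token; the page behind the verification link still has to check it. The following added Python example (not OttoKit or WordPress code) sketches that receiving side. The in-memory `PENDING` store stands in for the user-meta lookup, and the function names and 24-hour lifetime are assumptions the page does not specify.

```python
import time
import uuid

TOKEN_TTL_SECONDS = 24 * 60 * 60  # assumed lifetime; the page does not set one

# Constructed stand-in for looking a user up by the verification_token meta
# value: token -> (user_id, issued_at).
PENDING = {}

def issue_token(user_id, now=None):
    """Mirror of Steps 2 and 3: create a UUID v4 and record it for the user."""
    token = str(uuid.uuid4())
    PENDING[token] = (user_id, time.time() if now is None else now)
    return token

def redeem_token(presented, now=None):
    """Return (status, user_id) for a token taken from /verify?token=..."""
    now = time.time() if now is None else now
    try:
        parsed = uuid.UUID(presented)
    except (ValueError, TypeError, AttributeError):
        return ("malformed", None)
    # uuid.UUID also accepts braces, "urn:uuid:" and unhyphenated input;
    # accept only the canonical lowercase form that was issued.
    if parsed.version != 4 or str(parsed) != presented:
        return ("malformed", None)
    record = PENDING.pop(presented, None)  # pop makes the token single-use
    if record is None:
        return ("unknown", None)
    user_id, issued_at = record
    if now - issued_at > TOKEN_TTL_SECONDS:
        return ("expired", None)
    return ("verified", user_id)

if __name__ == "__main__":
    t = issue_token(42, now=1000.0)
    print(redeem_token(t, now=1060.0))  # first use
    print(redeem_token(t, now=1061.0))  # replay of the same link
```

A token that has been redeemed or has expired is removed from the store, so a forwarded or leaked link cannot be replayed later.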

With the Crypto App in OttoKit, you can add enterprise-grade cryptographic security to any workflow. Hash data for integrity checks, generate secure random tokens, encode and decode sensitive information, create RSA key pairs, and sign or verify data, all without external tools or complicated setup.

Whether you’re building secure APIs, authenticating webhook requests, generating secure passwords, validating data integrity, or creating digital signatures, OttoKit makes cryptography fast, reliable, and accessible.

Start using the Crypto App today and add powerful security capabilities to every workflow you build.
