Decrypting submissions via API

Hello,

It is critical for our business to be able to transfer submissions from Jotform to our internal system via API so we can distribute the data to the appropriate internal teams. While we are able to transfer all other forms successfully, we are unable to do so with one encrypted form.

We have been working on resolving this decryption issue for several months and have already had multiple exchanges with Grant Gutwein (Jotform agent). Grant provided us with a script from your technical team (link below) that was supposed to decrypt the submissions. Unfortunately, it does not work because the API endpoints that should return the encryption keys (public and private) are instead returning a 404 error.

I raised this issue with Grant and asked for direct contact with Jotform’s development team. However, he explained that as part of the Enterprise team, he could not make that connection and instructed me to reach out via this form.

We would greatly appreciate your assistance in resolving this issue as it directly impacts our ability to process encrypted submissions efficiently. It would be helpful if we can get in touch with our dev/tech team so we can get to the bottom of this ASAP. 

Copy of the script shared with us from Grant to decrypt the encrypted subscriptions:
https://drive.google.com/file/d/1OdymvcGFc0URH0V_NSFCAvuQHBh6ujN_/view?usp=sharing

Thank you so much,

Jay

Hi Jay,

Thanks for reaching out to Jotform Support. I'm an AI assistant. I'll do my best to help you until someone from the support team is available.

Regarding your issue with decrypting submissions via API and the 404 error when trying to access encryption keys, this is a known limitation with the API endpoints for encrypted forms. The encryption keys (public and private) are not accessible through the API, which causes the 404 errors you are encountering.

To decrypt encrypted submissions, you typically need to use the decryption script provided and the private key you have from when the form was created. Unfortunately, direct API access to these keys is not supported for security reasons.

If you continue to experience issues with the script or decryption process, the best approach is to ensure you are using the correct private key and follow the recommended decryption steps as per the script shared by Grant.

We understand the critical nature of this for your business and appreciate your patience. Please ensure you have the correct keys and script setup, and if problems persist, we recommend continuing communication through the Enterprise support channels for more specialized assistance.

Give it a try and let us know how it goes.

Best regards,
Jotform Support

Hi Jay,

Based on our documentation, Jotform does not provide API endpoints to retrieve encryption keys for encrypted forms due to security reasons, which is why you are encountering 404 messages. To decrypt encrypted submissions, you need to use the decryption script along with the private key or access code you set when enabling encryption on your form.

This decryption process is typically done outside the API, such as through Jotform Tables or Inbox, where you enter your access code to view decrypted submissions. Unfortunately, direct API access to encryption keys is not supported, and the recommended approach is to use the provided decryption script with the correct private key or access code.

Let us know if you have any other questions.

How about the new version of Jotform's encryption? With the new version of end-to-end encryption system, Jotform does not provide option to download the key when setting the form to "encrypted". Only let you set a password.

The bottom line is that encrypted data is not useful if we as client are not able to absorb the submissions via API and distribute them into our internal system.

Hi Jay,

I see that you have an Enterprise account, which means that we have a dedicated Enterprise Support Team to help you. We have a guide that explains how to create a ticket for Enterprise Support here. Just create a ticket there and someone from the Enterprise Support Team will get in touch with you shortly. 

Thanks for your patience and understanding, we appreciate it.

Joeni,

Our account is Silver which I have been told its not considered Enterprise. So, I do not have that option to open a enterprise ticket. I would appreciate it if you can email me directly so we can open a line of communication and see if we there is a way we can fix this issue?

Thank you!

Joeni, Please use this response in case you can contact me directly via email. Thank you.

Hi Jay,

Thanks for confirming the type of subscription that you have, and you're correct that the Silver plan is not an enterprise-level plan.

For your request, it is currently not supported to access or decrypt the submission using the API, as there is no endpoint available for it. What we can do instead is raise it as a feature request for future development. We've gone ahead and escalated your request to our developers. Exactly when or if it's developed depends on their workload, how viable it is, and how many other users also request it. If there are any updates, we’ll circle back to this thread and let you know.

Thanks for your patience and understanding, we appreciate it.



Ronald,

Thank you for clarifying that the decryption via API is not possible at the moment. This would be a great features for the account holders to have access to their encrypted submissions via API. Otherwise the submissions would not be useful for API clients including your App Partners.

As for our situation, we have a team of developers in house that can build an app to decrypt the data once its fetched via API. What we need from your dev team is the guidance of if that is the possibility and how that might work. I can see the data is decrypted in our Jotform admin panel which means there is already a way to do it.

The script that I shared on the first post on this thread is provided by Jotform team but as you may noticed its old and based on old encryption method by Jotform.

Thank you!

Hi Jay,

We completely understand the importance of being able to work with your encrypted submissions programmatically. At this time, encrypted submissions can only be decrypted within the Jotform interface using your private key. While it’s true that you can view decrypted data there, the same process is not currently available through the API, and the older script you mentioned is no longer compatible with our updated encryption system.

We’ve already escalated your request to our developers as a feature request for API decryption support. While we can’t provide a timeline or guarantee implementation, we’ll keep this thread updated with any news if API support for decryption becomes available. Unfortunately, we’re unable to provide developer-level guidance or direct contact with our engineering team beyond this.

Reach out again if you have any questions or if we can help you in any other way.