I have recorded a script in Jmeter and it has a body in encrypted format. I'm getting x-appiyo-hash and x-appiyo-key in request/response headers, am i suppose to use this for decryption? I want to form a normal readable body so that i can parameterize it using csv data file.
It seems that they're custom HTTP Headers (HTTP Headers which start from X-) so I doubt that anyone here can provide the answer, you should rather contact your application developers for the details.
If they cannot be correlated - then you need to generate them somehow, my expectation is that it's being done using JavaScript in browser so you need to either asks around for the algorithm or inspect your application using browser developer tools, once you know what needs to be done - you can replicate the code using JSR223 Test Elements and Groovy language and add them to your request via HTTP Header Manager