Hi community
I've looked at other questions/answers about this topic but most of them are too generic or inconclusive.
Has anyone successfully implemented data masking for:
Is these scenarios supported by edge and if yes, how would the API call to set it up look like?
Cheers
Ozan
Solved! Go to Solution.
@Ozan Seymen For complete request/response masking try doing this:
POST https://api.enterprise.apigee.com/v1/organizations/${org}/maskconfigs <MaskDataConfiguration name="default"> <JSONPathsRequest> <JSONPathRequest>$..*</JSONPathRequest> </JSONPathsRequest> <JSONPathsResponse> <JSONPathResponse>$..*</JSONPathResponse> </JSONPathsResponse> </MaskDataConfiguration>
The same can be done at the env level or proxy level as well, if you want to mask data for a specific env or specific api proxy.
Learned that Service callout request/response data masking is not supported. Still trying to understand if there is a way to mask request and response contents.
Hi @Ozan Seymen,
have you tried configuring "request" or "request.content" as part of the variables tag?
what's the requirement to mask for service callout? Masking functionality is only to restrict visibility of data at trace window.
Cheers,
Rajesh Doda
Hi @rdoda
I guess only thing we haven't tried is "request" - which we will try shortly.
Requirement is to do with security - developers have access to the trace tool for diagnostics purposes but body content passing through is confidential.
@Ozan Seymen Have you looked at this alert for service callout variables? You need to prefix your variable with ServiceCallout for eg.
ServiceCallout.request
@rdoda - we tried "request" but it is not working.
@Nafis Patel - we are trying that now - will let you know.
@Ozan Seymen For complete request/response masking try doing this:
POST https://api.enterprise.apigee.com/v1/organizations/${org}/maskconfigs <MaskDataConfiguration name="default"> <JSONPathsRequest> <JSONPathRequest>$..*</JSONPathRequest> </JSONPathsRequest> <JSONPathsResponse> <JSONPathResponse>$..*</JSONPathResponse> </JSONPathsResponse> </MaskDataConfiguration>
The same can be done at the env level or proxy level as well, if you want to mask data for a specific env or specific api proxy.
Thanks @arghya das - we will try that. I have a feeling that this is what we were looking for. Will keep you posted.