How to data mask ServiceCallout.request elements?

Report Inappropriate Content · 08-24-2015 04:17 PM

I am using a ServiceCallout policy to send a SOAP request to an identity service. Is there a way I can mask only particular elements in the SOAP request (Ex: username, password) instead of masking the entire ServiceCallout.request content?

anilsr

@bibin_kurian ,

Yes, You can mask part of request / response using XPath. For more details please find here.

Former Community Member

Hi @bibin_kurian the link can be a little confusing as it talks about Data Masking in general & how it works when trace sessions are turned on. Looks like you are looking to mask some data elements when making service callouts to external services.

I think there are 2 options to achieve this:

To do that as @Anil Sagar mentioned you can use XPATH expressions to extract out only the elements you need, copy them into a variable & use that variable in your Service Callout policy instead. You can use the Extract Variables policy to extract the right pieces.
Another option is to use an XSL file that can transform (removes the username, password fields) the request which can be used in the Service Callout policy instead.

hari_vr

I know I am a little late to this question (only about 10 months or so :P)

Afaik, there is no way to use Data masking to mask the contents of a Service Callout. Data Masking can be used for variables and specific paths in the XML/JSON requests and responses. Nothing in-between is maskable.

You can use an AssignMessage to create the ServiceCallout request and then mask the that variable.