How can hide my sensitive data(bank password)using data masking concept in Apigee

Not applicable

@venkateswarlu I am new to apigee I'm trying to hide my sensitive data using data masking concept in Apigee,but i don't know how to implement this concept in Apigee, can any one know about this concept(data-masking) please let me know.

0 8 2,326
8 REPLIES 8

Hi Venkatesh,

In order to prevent privacy data from being viewable in the Apigee trace tool, you can create MaskDataConfiguration using the Management API . At runtime the specific data you have configured in this mask is then displayed with asterisks. Detailed documentation on how to configure this is found here: http://docs.apigee.com/api-services/content/data-masking

nmallesh
Participant V

Hi @venkatesh kandukuri

Data Masking can block data values in XML Payloads, JSON Payloads and Variables as below

  • XML payloads: Using XPath, you identify XML elements to be filtered from request or response message payloads.
  • JSON payloads: Using JSONPath, you identify JSON properties to be filtered from request or response message payloads.
  • Flow variables: You can specify a list of variables that should be masked in debug output. When you specify the request.content, response.content, or message.content flow variables, the request/response body is also masked.

Data Masking Configurations can be set globally

for an organization

POST /v1/o/{org}/maskconfigs

or on specific apis

POST /v1/o/{org}/apis/{api}/maskconfigs

Data Masking Payload

<MaskDataConfiguration>
    <XPathsRequest>
        <XPathRequest>/root/logonpassword</XPathRequest>
    <XPathsRequest>
    <Variables>
	<Variable>passwprd</Variable>
    </Variables>
    <JSONPathsRequest>
        <JSONPathRequest>$.logonpassword</JSONPathRequest>
    </JSONPathsRequest>
</MaskDataConfiguration>

Data is masked in trace as below

Body{
"logonpassword": "******",
"name": "first_name",
"surname": "last_name"
}

As already mentioned above - Read more about it in the official documentation here.

Thanks for reply guys.

Thank you @Nisha Mallesh

But where I have to use this Mask configuration code .can you please give brief description? should I add any policy for that?

Thanks in advance.

Mask configurations are defined as XML- or JSON-formatted files that you upload and download using the RESTful management API.

Kindly go through the data masking documentation already mentioned for more examples.

Is any vedio avilable on how to use mark configuretion,please let me know.

Thank you

If I find any, I will update you with it.

Thanks for your help:)