Data Hiding: will adding "private" (e.g., "private...

tdavid99 · 05-10-2018 10:03 AM

A health insurance provider needs to hide all production PHI/PII data from the Apigee support organization due to its stricter security policies. If data in a message (request or response content) is accessed within proxies using the "private" prefix (including whole message bodies), will the described function of the "private" prefix apply to an entire message body at a time?

mpurwar

Hi @Terry David, If you want hide or mask the whole request and response content, you can create a mask configurations for either the complete request or response or even choose certain elements you want to mask.

You can find all the details for the Data Masking Configuration here - https://docs.apigee.com/api-platform/security/data-masking

tdavid99

@ Mudit Kumar as I read the docs, it stats that Masking only applies when a debug/trace session is active. This would not be sufficient for our purposes, thus why I am asking about hiding. Are you saying that Masking can apply universally? Does that apply to all Apigee internal logs as well (i.e., if we use data hiding (or masking), will field values identified ever be written into apigee internal support logs?

Thanks.

Data Hiding: will adding "private" (e.g., "private.request.content") hide an entire payload?