I have a requirement to implement Masking the data while trace and while do logging. Please help me with the process of implementing masking. if possible share a sample.
Masking required for both request and response JSON/XML. For logging, we are using Splunk.
Is their any changes required in the domain level or Proxy level changes are fine?
I tried with the below URL, but help me with some samples,
https://docs.apigee.com/api-platform/security/data-masking
Thanks
Gopala Krishnan
Hi @Gopala krishnan Periyasamy,
You can create mask configs at the organization or proxy level, they apply only to the Trace window.
This mask config applies to the `features-v1` proxy and masks all of the values for the fields in a request and response for both JSON and XML:
curl -n -X POST 'https://api.enterprise.apigee.com/v1/organizations/$ORG/apis/features-v1/maskconfigs' \ --header 'Content-Type: application/json' \ --data-raw '{ "jSONPathsFault": [ "$.*" ], "jSONPathsRequest": [ "$.*" ], "jSONPathsResponse": [ "$.*" ], "name": "default", "xPathsRequest": [ "/*" ], "xPathsResponse": [ "/*" ] }'
The view in Trace for JSON:
and for XML:
This mask config will mask the entire request and response content.
curl -n -X POST 'https://api.enterprise.apigee.com/v1/organizations/$ORG/apis/features-v1/maskconfigs' \ --header 'Content-Type: application/json' \ --data-raw '{ "name": "default", "variables": [ "request.content", "response.content" ] }'
The view in Trace:
To mask values that are sent to your logging solution, you'll have to take care to mask those values in the message that you send. This can be done using a JavaScript policy.
thanks For your answer.
User | Count |
---|---|
3 | |
2 | |
1 | |
1 | |
1 |