redact - DataPower Gateway (v5 compatible)
Use the redact policy to completely remove or to redact specified fields from the request body, the response body, and the activity logs. You might find this policy useful for removing or blocking out sensitive data (for example, credit card details) for legal, security, or other reasons.
For information on the different types of gateway, see API Connect gateway types.
|DataPower Gateway (v5 compatible)||1.0.0|
This topic describes how to configure the policy in your OpenAPI source; for details on how to configure the policy in the assembly user interface, see Redaction - DataPower Gateway (v5 compatible).
- redact: version: version title: title description: description actions: - action: remove_or_redact from: - where_the_redaction_is_to_be_applied path: XPath_expression_for_field_to_remove_or_redact . . . further action/from/path combinations . . .
You can specify as many
combinations as you want.
|version||Yes||The policy version number||string|
|title||No||A title for the policy.||string|
|description||No||A policy description.||string|
|action||No||Specifies whether you want to remove or redact the fields.
The default value is
Note: If a numerical value is being redacted, the redacted value is depicted as
|from||No||Determines where the redaction is to be applied.
You can supply one or more values. The default value is
|path||Yes||Specifies an XPath expression that defines the fields to remove or redact.
You can construct an XPath expression that is based on JSON or XML depending on whether your API requests and responses use a JSON or an XML format. If the payload is JSON, use the DataPower XML representation of the JSON content (JSONx) to construct the expression.
Note: Use a JSONx representation only to identify the XPath expressions for the fields to remove or redact. Do not change the format of any response bodies in API Manager.
To learn more about constructing XPath expressions that are based on JSON or XML, see Constructing XPath expressions to redact fields.
# Specify separate remove and redact actions - redact: version: 1.0.0 title: remove secret field, redact address actions: - action: remove from: - all path: /document/user/secret - action: redact from: - request - response path: //*[@name='secondaryAddress']/*[@name='streetAddress']