Redaction - DataPower API Gateway
Use the Redaction policy to completely remove or to redact specified fields from the Request body, the Response body, and the activity logs. You might find this policy useful for removing or blocking out sensitive data (for example, credit card details) for legal, security, or other reasons.
Gateway support
For information on the different types of gateway, see API Connect gateway types.
Gateway | Policy version |
---|---|
DataPower API Gateway | 2.0.0 |
This topic describes how to configure the policy in the assembly user interface; for details on how to configure the policy in your OpenAPI source, see redact - DataPower API Gateway.
Properties
The following table lists the policy properties, indicates whether a property is required, specifies the valid and default values for input, and specifies the data type of the values.
Property label | Required | Description | Data type |
---|---|---|---|
Title | No | The title of the policy. The default value is |
string |
Description | No | A description of the policy. | string |
Root | No | Specifies the data source that contains the content to redact or remove. If no value is
entered in the Root field, the action is applied to the entire API
context. You can use any supported JSONata path expression. If you want to apply the action
to either request or response data, specify a value of message.body. The
actual content to which the action is applied then depends on the positioning of the Redaction policy in the overall
assembly flow; for example:
If, in your assembly flow, the Redaction policy is used after a Log policy that specifies Gather-only mode, specify a Root value of log.request_body for the logged request payload, or log.response_body for the logged response payload. |
string |
Path | Yes | Specifies a JSONata path expression that identifies the content to redact or remove from the source. For more information, see Constructing JSONata expressions to redact fields | string |
Action | No | Specifies whether you want to remove or redact the content. Choose one of the following
options:
The default value is Redact. Note: If a numerical value is
being redacted, the redacted value is depicted as
****** and the type is changed to
string . |
string |