Redact

Masks or removes sensitive data.

Use the Redact policy to mask or remove sensitive data from requests, responses, or logs to protect confidential information.

For more information on the policy parameter descriptions, see DataPower Nano Gateway documentation.

Example of a Redact policy in code view.

--- #redact message
kind: redact #same for remove
apiVersion: api.ibm.com/v1
metadata:
  name: "redact-request"
  version: 1.0
  namespace: sample
spec:
  message:
    messageName: "request"
    queryParameters:
      - token
      - trace
    headers:
      - X-API-Key
      - X-Auth-Token
    body:
      captures: #OneOf
        jsonata: #allows either regex or jsonata, but not both
          - "doc.key.password"
          - "doc.key.user"
--- #redact variable/distributedVariable
kind: redact #same for remove
apiVersion: api.ibm.com/v1
metadata:
  name: "redact-variable"
  version: 1.0
  namespace: sample
spec:
  variable: #same for distributedVariable
    name: "my-custom-var-1"
    captures:
      jsonata:
        - "doc.key.password"
        - "doc.key.user"
--- #redact variable/distributedVariable
kind: redact #same for remove
apiVersion: api.ibm.com/v1
metadata:
  name: "redact-distributed-variable"
  version: 1.0
  namespace: sample
spec:
  distributedVariable: #same for distributedVariable
    name: "my-custom-var-1"
    captures:
      jsonata:
        - "doc.key.password"
        - "doc.key.user"
---
kind: redact
apiVersion: api.ibm.com/v1
metadata:
  name: "redact-telemetry"
  version: 1.0
  namespace: sample
spec:
  telemetry:
    keys:
      - "key1"
    span: "rootSpan"
    # # (2/3) policySpan
    # span:
    #   policySpan: ""
    # # (3/3) httpSpan
    # span:
    #  httpSpan: ""