Data Masking

Data masking is a technique in which sensitive data is obscured to protect the actual data. The policy achieves this by providing a functional substitute for occasions when the real data is not necessary.

This policy masks sensitive data at the application level. To apply it at the application level, you must configure an Identify and Access policy to identify the application for which the masking is applied. If no application is specified, then the policy is applied for all the other requests. Fields can be masked or filtered in the request messages received. You can configure the masking criteria as XPath, JSONPath, and Regex expressions based on the content type.

In API Studio, the kind DataMasking identifies the policy.

Sample code for the Data Masking policy:

kind: DataMasking
apiVersion: api.webmethods.io/beta
metadata:
  name: request_datamasking
  version: 1.0
  namespace: sample
spec:
  enabled: false
  matchApplications:
    - consumer1
    - consumer2
  transformations:
      set:
          # Mask values are quoted: an unquoted leading * starts a YAML alias.
          - jpath: '$.customer.name'
            maskValue: '****'
          - xpath: '$.customer.name'
            namespaces:
            - prefix: ''
              URI: ''
            maskValue: '****'
          - regex: '$.customer.name'
            maskValue: '****'
      remove:
          - jpath: {request}
          - xpath: {request}
          - regex: {request}
  applyForTransactionLogging: true
  applyForPayload: true

The structure in the code view and what it denotes is as follows.

Type Description
kind DataMasking. The kind denotes the asset type, which is the Data Masking policy.

apiVersion Denotes the API version of the API on which this policy is enforced.
metadata Denotes the metadata or details of the asset type.
It covers the following metadata:
  • name. Name of the policy.
  • version. Version of the policy.
  • namespace. The namespace identifier for the policy.
  • tags. The tags associated with the policy.
spec The spec denotes various policy properties that you can configure for the policy.
You can configure the following policy properties:
  • enabled. Specifies whether the policy is enabled or not. You can disable the policy by setting this property to false.
  • matchApplications. Specifies the applications for which the masking criterion must be applied.
  • transformations. You can apply the following transformations:
    • set. Specifies the request payload transformation to be configured for incoming requests. This spec is a key-value pair. Provide the key as a variable type with syntax. Provide the value as a plain value or a value with a syntax. You can provide multiple key-value pairs.
    • remove.
  • applyForTransactionLogging. Specifies whether the data masking criterion is applied to transaction logging.
  • applyForPayload. Specifies whether the data masking criterion is applied to request payload.
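
The following added example (not API Studio or gateway code) models how the properties described above interact, so you can see which copy of a request ends up masked. It assumes that an empty matchApplications list means all applications, handles only dotted JSONPath expressions, and uses a constructed `$.customer.ssn` field for the remove rule.

```python
import copy

# Constructed policy in parsed form, mirroring the jpath entries of the sample above.
POLICY = {
    "enabled": True,
    "matchApplications": ["consumer1", "consumer2"],
    "transformations": {
        "set": [{"jpath": "$.customer.name", "maskValue": "****"}],
        "remove": [{"jpath": "$.customer.ssn"}],  # constructed field name
    },
    "applyForTransactionLogging": True,
    "applyForPayload": False,
}

def _walk(doc, jpath):
    """Resolve a dotted JSONPath such as $.a.b to (parent dict, last key), or None."""
    keys = jpath.removeprefix("$.").split(".")
    for key in keys[:-1]:
        doc = doc.get(key) if isinstance(doc, dict) else None
    if isinstance(doc, dict) and keys[-1] in doc:
        return doc, keys[-1]
    return None

def mask(policy, body):
    """Return a masked deep copy of body; the caller's object is left untouched."""
    out = copy.deepcopy(body)
    rules = policy["transformations"]
    for rule in rules.get("set", []):
        hit = _walk(out, rule["jpath"])
        if hit:
            hit[0][hit[1]] = rule["maskValue"]  # masked: key stays, value replaced
    for rule in rules.get("remove", []):
        hit = _walk(out, rule["jpath"])
        if hit:
            del hit[0][hit[1]]  # filtered: key and value both dropped
    return out

def process(policy, app, body):
    """Return (payload view, transaction-log view) for one request."""
    apps = policy.get("matchApplications") or []
    if not policy.get("enabled") or (apps and app not in apps):
        return body, body  # policy disabled or application not matched: no masking
    masked = mask(policy, body)
    return (masked if policy.get("applyForPayload") else body,
            masked if policy.get("applyForTransactionLogging") else body)
```

With `enabled: false`, as in the sample policy, or for an application that is not listed, both views come back unmasked, which is worth checking before relying on the policy to keep sensitive fields out of transaction logs.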