PARTNERS - Please join us for our upcoming webinar:
Leveraging Intelligent Recommendations for Operational Transformation.
AMS Partners click HERE | EMEA/APJ Partners click HERE
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

REST Connector: How to hide sensitive information from logs and provisioning comments

yogesh2
Regular Contributor
Regular Contributor

‎08/11/2024 03:07 AM

I'm using REST connector to generate TAP via Azure Graph API but the tap gets printed in logs and in provisioning comments, this is a sensitive string (equivalent to password) so I want it not to do so.

Is there a way to mask/hide this string or even the entire API response in the logs?

I have tried setting showlogs to false in the ConfigJSON but even with that the TAP is visible in logs and task comments (see screenshots at the bottom)

// ConfigJSON
{
	"showLogs": false,
	"connectionTimeoutConfig": {
		"connectionTimeout": 10,
		"readTimeout": 3,
		"retryWait": 6,
		"retryCount": 5
	}
}

Logs (temporaryAccessPass is visible in plain text😞

yogesh2_0-1723370309254.png

Task's provisioning comments (temporaryAccessPass and entire API response is visible😞

yogesh2_1-1723370617906.png

 

0 Kudos
9 REPLIES 9

rushikeshvartak
All-Star
All-Star

‎08/11/2024 05:43 AM

Provisioning comments section is not configurable you need to raise idea ticket.

You can try below things

  • configJSON - showlogs false 
  • in JSON - showResponse false
  • Global Configuration - Sensitive Data Variables To Be Masked 

All configuration have no relation with provisioning comments but you can try.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

yogesh2
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎08/11/2024 09:07 AM

Thanks for suggestions, I already have showlogs false in configJSON, and when I addded "showResponse": false to the create account JSON then I am getting this error:

yogesh2_0-1723391969051.png

It does hide the response in provisioning comments, and it seems that the response is not just from me but is hidden from Saviynt itself; i.e. I'm not able to pass variables from one call to next. I did not check whether the response is hidden in the logs or not as this configuration breaks entire use case anyways.

The global config setting seems to be working only on connectionJSON not on createaccountjson and it only hides variables not something from response. So no luck there either.

yogesh2_1-1723392393798.png

I guess, I'll have to create an idea.

0 Kudos

yogesh2
Regular Contributor
Regular Contributor
In response to yogesh2

‎08/11/2024 09:15 AM

created https://ideas.saviynt.com/ideas/EIC-I-6082

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to yogesh2

‎08/11/2024 11:03 AM

Try removing showResponse line


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

yogesh2
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎08/11/2024 10:17 PM

I did not have this line initially when I made the post

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to yogesh2

‎08/12/2024 05:33 AM

It will be enhancement 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

NM
Honored Contributor
Honored Contributor
In response to yogesh2

‎08/11/2024 12:46 PM

Hi @yogesh2 , a limitation only .. you can hide the prov comment if it is coming in postman response.

0 Kudos

yogesh2
Regular Contributor
Regular Contributor
In response to NM

‎08/11/2024 10:18 PM

I don't understand

0 Kudos

stalluri
Valued Contributor
Valued Contributor
In response to yogesh2

‎08/31/2024 08:58 PM

@yogesh2 

Can you share your Json here.


Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC