Solved: Data Masking not working for JSON payload - Page 2

Report Inappropriate Content · 08-04-2015 04:41 AM

I have a requirement in my project to mask sensitive data in trace tool. Data is in JSON format and is like below.

<Content>{"BO":"{\"requestToken\":{\"validate\":{\"Reference\":{\"id\":\"000024001504\",\"Secret\":\"Googlygoogle123\",\"credentialType\":\"AbcType\",\"credential\":\"ar12345678\"}}}}"}</Content>

I have run below curl command before deploying the API.

curl -k -H "content-type:text/xml" -X POST -d \ '<MaskDataConfiguration name="default"> <JSONPathsRequest> <JSONPathRequest>$.BO.requestToken.validate.Reference.Secret</JSONPathRequest> </JSONPathsRequest> </MaskDataConfiguration>' \ http://<HostnamePort>/v1/o/<org_name>/maskconfigs \ -u <username>:<password>

So that when invoking the API and tracing the session using the trace session tool, Secret element of JSON is masked.

Still, I can see the Secret element' value. It is not masked.

Can any one look into this issue and help to resolve this.

Report Inappropriate Content

As @Mukundha Madhavan suggests my first step would be to validate the mask was created in the correct org.

As well, you might consider a more general form of the JSON path to catch anywhere the field secret may be present in payloads:

"jSONPathsResponse": [
    "$..*.secret",
    "$.foo",
    "$.bar"
  ]

View solution in original post

Report Inappropriate Content

For JSOn payload, Content-Type header as part of the request should have value as "application/json".

View solution in original post