—Rate this article—
 

Beta Release of SmartDocs

1. In the Resource URL, replace any values enclosed in "{}", such as your organization name.
2. Set the Basic Authentication credentials. These are your Edge credentials (user must be in the Org Admin role).
3. Tweak the Request Body as needed (if a body is needed).
4. Send the live request to Edge and view the response! You can also view Request data.

Create Data Masks for an API Proxy

Resource Summary

Auth Type

BASICAUTH,

Content Type

application/json, text/xml

Category

Data Mask,

addAPIMaskPost

POST

Create Data Masks for an API Proxy

Create a data masks for an API proxy.

You can capture message content to assist in runtime debugging of APIs calls. In many cases, API traffic contains sensitive data, such credit cards or personally identifiable health information (PHI) that needs to filtered out of the captured message content.

Data masks enable you to specify data that will be filtered out of trace sessions. Data masking is only enabled when a trace session (also called a 'debug' session) is enabled for an API proxy. If no trace session are enabled on an API proxy, then the data will not be masked.

Mask configurations enable you to identify sensitive data in these sources:
  • XML payloads: Using XPath, you identify XML elements to be filtered from request or response message payloads.
  • JSON payloads: Using JSONPath, you identify JSON properties to be filtered from request or response message payloads.
  • Flow variables: You can specify a list of variables that should be masked in debug output.
The basic structure of a mask configuration is shown by the following XML representation:

Note that the name of the mask must be "default".

<MaskDataConfiguration name="default">
  <XPathsRequest>
	<XPathRequest>/apigee:Greeting/apigee:User</XPathRequest>
  </XPathsRequest>
  <XPathsResponse>
    <XPathResponse>/apigee:Greeting/apigee:User</XPathResponse>
  </XPathsResponse>
  <JSONPathsRequest>
    <JSONPathRequest>$.store.book[*].author</JSONPathRequest>
  </JSONPathsRequest>
  <JSONPathsResponse>
	<JSONPathResponse>$.store.book[*].author</JSONPathResponse>
  </JSONPathsResponse>
  <XPathsFault>
	<XPathFault>/apigee:Greeting/apigee:User</XPathFault>
  </XPathsFault>
  <JSONPathsFault>
	<JSONPathFault>$.store.book[*].author</JSONPathFault>
  </JSONPathsFault>
  <Variables>
	<Variable>request.header.user-agent</Variable>
    <Variable>request.formparam.password</Variable>
  </Variables>
</MaskDataConfiguration>

Resource URL

https://api.enterprise.apigee.com/v1 /organizations/{org_name}/apis/{api_name}/maskconfigs

    Header Parameters

  • Name
    Value
    Description
  • Content-Type
    (required)
    Specify the Content-Type as application/json or text/xml.

Request Body

Field Name Description Default Required?
XPathsRequest A list of XPath expressions that will be evaluated against XML payloads (if any) in the request path. Any XPaths that successfully resolve will result in the value of the XML element being masked. N/A No
XPathsResponse A list of XPath expressions that will be evaluated against XML payloads (if any) in the response path. Any XPaths that successfully resolve will result in the value of the XML element being masked. N/A No
JSONPathsRequest A list of JSONPath expressions that will be evaluated against JSON payloads (if any) in the request path. Any JSONPaths that successfully resolve will result in the value of the JSON property being masked.
JSONPathsResponse A list of JSONPath expressions that will be evaluated against JSON payloads (if any) in the response path. Any JSONPaths that successfully resolve will result in the value of the JSON property being masked. N/A No
XPathsFault A list of XPath expressions that will be evaluated against XML payloads (if any) in the error flow (which executes if a fault is thrown at any point in the flow). Any XPaths that successfully resolve will result in the value of the XML element being masked. N/A No
JSONPathsFault A list of JSON expressions that will be evaluated against XML payloads (if any) in the error flow (which executes if a fault is thrown at any point in the flow). Any JSONPaths that successfully resolve will result in the value of the XML element being masked. N/A No
Variables A list of variables (either pre-defined or custom) who values will be masked. N/A No

org_name Mention the organization name true

api_name Mention the API proxy name true

Basic Auth

OAuth 2

Custom Token

Reset

Make a request and see the response.

Make a request and see the response.

Working...

Help or comments?

  • Something's not working: See Apigee Support
  • Something's wrong with the docs: Click Send Feedback in the lower right.
    (Incorrect? Unclear? Broken link? Typo?)