Send Docs Feedback

Making management API calls from this page

  1. In the URL, replace any values enclosed in "{ }", such as your organization name.
  2. Set the Basic Authentication credentials: Edge email and password (user must be in the Org Admin role).
    If you don't have an Apigee account,
    go here.
  3. Tweak the parameters and request body as needed.
  4. Send the live request to Edge!

Create Data Masks for an API Proxy

Resource Summary

Security

Content Type

application/json, text/xml

Category

Data Mask,

addAPIMaskPost

POST

Create Data Masks for an API Proxy

Create a data masks for an API proxy.

You can capture message content to assist in runtime debugging of APIs calls. In many cases, API traffic contains sensitive data, such credit cards or personally identifiable health information (PHI) that needs to filtered out of the captured message content.

Data masks enable you to specify data that will be filtered out of trace sessions. Data masking is only enabled when a trace session (also called a 'debug' session) is enabled for an API proxy. If no trace session are enabled on an API proxy, then the data will not be masked.

Mask configurations enable you to identify sensitive data in these sources:
  • XML payloads: Using XPath, you identify XML elements to be filtered from request or response message payloads.
  • JSON payloads: Using JSONPath, you identify JSON properties to be filtered from request or response message payloads.
  • Flow variables: You can specify a list of variables that should be masked in debug output.
The basic structure of a mask configuration is shown by the following XML representation:

Note that the name of the mask must be "default".

<MaskDataConfiguration name="default">
  <XPathsRequest>
	<XPathRequest>/apigee:Greeting/apigee:User</XPathRequest>
  </XPathsRequest>
  <XPathsResponse>
    <XPathResponse>/apigee:Greeting/apigee:User</XPathResponse>
  </XPathsResponse>
  <JSONPathsRequest>
    <JSONPathRequest>$.store.book[*].author</JSONPathRequest>
  </JSONPathsRequest>
  <JSONPathsResponse>
	<JSONPathResponse>$.store.book[*].author</JSONPathResponse>
  </JSONPathsResponse>
  <XPathsFault>
	<XPathFault>/apigee:Greeting/apigee:User</XPathFault>
  </XPathsFault>
  <JSONPathsFault>
	<JSONPathFault>$.store.book[*].author</JSONPathFault>
  </JSONPathsFault>
  <Variables>
	<Variable>request.header.user-agent</Variable>
    <Variable>request.formparam.password</Variable>
  </Variables>
</MaskDataConfiguration>

Resource URL

https://api.enterprise.apigee.com/v1 /organizations/{org_name}/apis/{api_name}/maskconfigs

Header Parameters

Name Values Description
Content-Type
(required)

Specify the Content-Type as application/json or text/xml.

Request Body

Field Name Description Default Required?
XPathsRequest A list of XPath expressions that will be evaluated against XML payloads (if any) in the request path. Any XPaths that successfully resolve will result in the value of the XML element being masked. N/A No
XPathsResponse A list of XPath expressions that will be evaluated against XML payloads (if any) in the response path. Any XPaths that successfully resolve will result in the value of the XML element being masked. N/A No
JSONPathsRequest A list of JSONPath expressions that will be evaluated against JSON payloads (if any) in the request path. Any JSONPaths that successfully resolve will result in the value of the JSON property being masked.
JSONPathsResponse A list of JSONPath expressions that will be evaluated against JSON payloads (if any) in the response path. Any JSONPaths that successfully resolve will result in the value of the JSON property being masked. N/A No
XPathsFault A list of XPath expressions that will be evaluated against XML payloads (if any) in the error flow (which executes if a fault is thrown at any point in the flow). Any XPaths that successfully resolve will result in the value of the XML element being masked. N/A No
JSONPathsFault A list of JSON expressions that will be evaluated against XML payloads (if any) in the error flow (which executes if a fault is thrown at any point in the flow). Any JSONPaths that successfully resolve will result in the value of the XML element being masked. N/A No
Variables A list of variables (either pre-defined or custom) who values will be masked. N/A No

org_name Mention the organization name true

api_name Mention the API proxy name true

HTTP Basic

OAuth 2.0

API Key

Reset

Make a request and see the response.

Make a request and see the response.

Make a request and see the response.

Working...

Help or comments?