Property | Description |
Consumer Applications | Specifies the applications for which the masking criterion has to be applied. Start typing the application name, select the application from the type-ahead search results displayed, and click ![]() You can use the delete icon ![]() |
XPath. Specifies the masking criteria for XPath expressions in the error messages. | |
Masking Criteria | Click Add masking criteria and provide the following information and click Add: ![]() ![]() ![]() You can add multiple masking criteria. As Query expression and Mask Value properties support variable framework, you can use the available variables. In case of query expression, if you provide variable syntax, the XPath is applied on the payload using the value that is resolved from the variable given. For example, if you provide a query expression as ${request.headers.myxpath} and the corresponding mask value as ${request.headers.var1} , and if the incoming request header myxpath is configured with value //ns:cardNumber, then the card number derived from the payload is masked with the header value in var1 . For details about the variables available in API Gateway, see
Variables Available in API Gateway. ![]() ![]() ![]() Note: You can add multiple namespace prefix and URI by clicking ![]() |
JSONPath. This is applicable only for REST API. Specifies the masking criteria for JSONPath expressions in the error messages. | |
Masking Criteria | Click Add masking criteria and provide the following information and click Add: ![]() ![]() ![]() As Query expression and Mask Value properties support variable framework, you can use the available variables. In case of query expression, if you provide variable syntax, the JSONPath is applied on the payload using the value that is resolved from the variable given. For example, if you provide a query expression as ${request.headers.myjsonpath} and the corresponding mask value as ${request.headers.var1} , and if the incoming request header myjsonpath is configured with value $.cardNumber, then the card number derived from the payload is masked with the header value in var1 . For details about the variables available in API Gateway, see
Variables Available in API Gateway. |
Regex. Specifies the masking criteria for regular expressions in the error messages. | |
Masking Criteria | Click Add masking criteria and provide the following information and click Add: ![]() ![]() ![]() As Query expression and Mask Value properties support variable framework, you can use the available variables. In case of query expression, if you provide variable syntax, the regex is applied on the payload using the value that is resolved from the variable given. For example, if you provide a query expression as ${request.headers.myregex} and the corresponding mask value as ${request.headers.var1} , then the regex is applied using the value configured in the request header myregex and the derived value is masked with the header value in var1 . For details about the variables available in API Gateway, see
Variables Available in API Gateway. |
Apply for transaction Logging | Select this option to apply masking criteria for transactional logs. When you select this option the transactional log for the response is masked on top of response sent to the client. |
Apply for payload | Select this option to apply masking criteria for payload. When you select this option the payload in the response sent to the client is masked. Note: When you select this option it automatically masks the data in the transactional log. |