webMethods and Intelligent Business Operations 10.2 | API Gateway User's Guide | Policies | System-defined Stages and Policies | Error Handling | Data Masking
 
Data Masking
Data masking is a technique whereby sensitive data is obscured in some way to render it safe and to protect the actual data while having a functional substitute for occasions when the real data is not required.
This policy is used to mask sensitive data in the custom error messages being processed and sent to the application. Fields can be masked or filtered in the error messages. You can configure the masking criteria as required for the XPath, JPath, and Regex expressions. The same criteria can be applied for transaction logging as well. This policy can also be applied at the API scope level.
The table lists the masking criteria properties that you can configure to mask the data in the request messages received:
Parameter
Description
Consumer Applications
Specifies the applications for which the masking criterion has to be applied.
Start typing the application name, select the application from the type-ahead search results displayed, and click to add one or more applications.
You can use the delete icon to delete the added applications from the list.
XPath. Specifies the masking criteria for XPath expressions in the error messages.
Masking Criteria
Click Add masking criteria and provide the following information and click Add:
*Masking Type. Specifies the type of masking required. You select either Mask or Filter.
*Query expression. Specify the query expression that has to be masked or filtered. For example: /soapenv:Fault/faultstring
*Mask Value. This is available if masking type selected is Mask. Provide a mask value. For example: Error occurred while processing the request. Please check your input request or any other meaningful message or string.
Note: You can add multiple masking criteria.
*Namespace. Specifies the following Namespace information:
*Namespace Prefix. The namespace prefix of the payload expression to be validated.
*Namespace URI. The namespace URI of the payload expression to be validated
Note: You can add multiple namespace prefix and URI by clicking .
JPath. This is applicable only for REST API. Specifies the masking criteria for JPath expressions in the error messages.
Masking Criteria
Click Add masking criteria and provide the following information and click Add:
*Masking Type. Specifies the type of masking required. You select either Mask or Filter.
*Query expression. Specify the query expression that has to be masked or filtered. For example: $.error.reason
*Mask Value. This is available if masking type selected is Mask. Provide a mask value. For example: Error occurred while processing the request. Please check your input request or any other meaningful message or string.
Regex. Specifies the masking criteria for regular expressions in the error messages.
Masking Criteria
Click Add masking criteria and provide the following information and click Add:
*Masking Type. Specifies the type of masking required. You select either Mask or Filter.
*Query expression. Specify the query expression that has to be masked or filtered. For example: (.*)
*Mask Value. This is available if masking type selected is Mask. Provide a mask value. For example: Error occurred while processing the request. Please check your input request or any other meaningful message or string.
Apply for transaction Logging
Select to apply the masking criteria to the transaction logs.
Copyright © 2015- 2018 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release