Sensitive data shows

AMI_archerwen
Guppy

Posts: 69

Sensitive data shows Dec 29, 2022 11:14:07 GMT

Quote

Post by AMI_archerwen on Dec 29, 2022 11:14:07 GMT

About some sensitive data shows under the response, like the "Password", it shall be null and this defined in SPEC.

But if we change password for any one of account, and it will record some log under the logservice.
In this time, are we also shows null for "Password"?

Or we can just shows like this?

Thanks,
Archer.

jautor
Administrator

Posts: 519

Sensitive data shows Dec 30, 2022 21:25:32 GMT

Quote

Post by jautor on Dec 30, 2022 21:25:32 GMT

That message is an OEM-defined one, and therefore the contents are "outside of the specification" - so you can do whatever makes sense. I would personally just say "the password for account XYZ was changed" since those redacted values, in my opinion, don't provide any value.

In our standard Message Registries, we avoid creating parameters that would contain sensitive data to avoid any confusion or coding errors that could accidentally reveal that data...

Jeff

AMI_archerwen Guppy Posts: 69	Sensitive data shows Jan 10, 2023 6:04:15 GMT Quote Select Post Deselect Post Link to Post Back to Top Post by AMI_archerwen on Jan 10, 2023 6:04:15 GMT Got it, Thank you.

Post by AMI_archerwen on Dec 29, 2022 11:14:07 GMT

Post by jautor on Dec 30, 2022 21:25:32 GMT

Post by AMI_archerwen on Jan 10, 2023 6:04:15 GMT