Data masking for IP address in API Gateway

, ,
1

Hi guys,

Im trying to mask the ip address in API gateway using datamasking in error handling and response processing, but im unable to get the desired result.

Current output is giving ip address like 1.1.1.1 for which I want the result to be masked as “....”

Please suggest the correct process to execute the above requirement.

2

let me know are your trying to mass Gateway API or Native endpoint in the response processing ? If so I hope the masking criteria is set to make effect . kindly add the snapshot of the masking policy

3

Hi @DINESH_J

Whenever the IP from which we will test the url is not whitelisted in policies, currently I’m getting the response as:

HTTP/1.1 403 Forbidden
SOAPAction: “register”
X-Forwarded-For: 1.1.1.1.
Host: hostname:1234
Accept-Encoding: gzip,deflate
Content-Type: text/xml; charset=UTF-8
Strict-Transport-Security: max-age=16070400; includeSubDomains

<?xml version='1.0' encoding='UTF-8'?>ns2:ReceiverAPI Gateway encountered an error. Error Message: Unauthorized application request. Request Details: Service - servicename, Operation - register, Invocation Time:12:34:09 PM, Date:Oct 18, 2023, Client IP - 1.1.1.1, User - Default and Application:sys:defaultApplication

Here, I want to mask the IP ADDRESS to some ******** value.

I have configured the data masking policy in both response processing and Error handling with JSON as $[‘x._source.applicationIp’] with masking TYPE to MASK and set the value as ******** but it is not working.

4

This is default fault error response from the API Gateway , Since your request is unauthorized from gateway . Note this is client IP’s who is requesting your API.

Is there any requirement or security concern to mask the Client_IP to client itself ?

1 Like
5

Is there any requirement or security concern to mask the Client_IP to client itself ?

YES @DINESH_J

6

ok , if you have can you explain here ?

To achieve your requirement update your default error fault under Administration → General → fault

iPaaS API Gateway has encountered an error. Error Message: $ERROR_MESSAGE. Request Details: iPaaS Service - $SERVICE, Operation - $OPERATION, Invocation Time:$TIME, Date:$DATE, Client IP - $CLIENT_IP, User - $USER and iPaaS Application:$CONSUMER_APPLICATION

Remove the highlighted details.

Note : This will effect to all the consumer

7

But I don’t want to remove the IP, instead i want to MASK IT

8

@mounika_tpn I doubt there is there any leverage to update the application data .
I guess API which you are trying SOAP based on the content-type , But the policy applied for JSON format . Try updating the relevant one and check

9

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.