Some potentially sensitive items were being logged to a readable file by some consumers of the SDK.
This change redacts additional items in the Device challenge payload which could potentially contain sensitive information, given that they are produced by 3rd party integrations.
Solution (Technical)
Redact Managment attestation JWTs (remove device attestation key from allowlist)
Redact signalProvider and Integration details by adding another layer of allow list (to preserve debuggability)
Problem Analysis (Technical)
Some potentially sensitive items were being logged to a readable file by some consumers of the SDK. This change redacts additional items in the Device challenge payload which could potentially contain sensitive information, given that they are produced by 3rd party integrations.
Solution (Technical)
Affected Components
OktaDeviceBindJWTPayload