ory / hydra

The most scalable and customizable OpenID Certified™ OpenID Connect and OAuth Provider on the market. Become an OpenID Connect and OAuth2 Provider over night. Broad support for related RFCs. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
https://www.ory.sh/?utm_source=github&utm_medium=banner&utm_campaign=hydra
Apache License 2.0

Configure sensitive fields that should be redacted #3687

Open JohnDuncanScott opened 10 months ago

JohnDuncanScott commented 10 months ago

Ory Network Project

No response

Describe your problem

Hydra already redacts some fields for you, such as "cookie". There are other fields that should (according to our company guidelines) also be redacted, such as:

headers:
- cf-connecting-ip
- forwarded
- x-forwarded-for

which contain IP addresses, which can be deemed as sensitive.

I have searched the Hydra docs and the issues in this repo and it does not appear that it's possible to choose what fields get redacted. In this particular case, it would be great to redact more fields by default (rather than the existing config option of showing the sensitive data).

Describe your ideal solution

Configuration option for Hydra to list other fields that should be redacted in addition to the default ones. This list would be merged with the internal one that contains "cookies", "query", etc.

Workarounds or alternatives

If there is a way of doing this that's undocumented in Hydra, that would be great to know :). This data could be scrubbed elsewhere potentially, like in DataDog for example, but since you're already doing redaction and just need to expose some config to add to it, I think it's a reasonable request?

Version

oryd/hydra:v1.11.10

Additional Context

No response

alnr commented 7 months ago

Same issue: https://github.com/ory/oathkeeper/issues/1081

Needs a fix in ory/x.
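
The behaviour requested in this issue (an operator-supplied list of header names merged with the built-in redaction list), sketched as an added example. It is not code from Hydra or ory/x; the function names, the `[redacted]` placeholder and the default list (only "cookie" comes from the issue text) are assumptions, and the sample headers are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// defaultSensitive stands in for the built-in list (assumption: only "cookie" is from the issue).
var defaultSensitive = []string{"cookie"}

// NewRedactor merges the defaults with operator-supplied header names
// (a hypothetical config value) into a case-insensitive lookup set.
func NewRedactor(extra []string) map[string]struct{} {
	set := make(map[string]struct{}, len(defaultSensitive)+len(extra))
	for _, list := range [][]string{defaultSensitive, extra} {
		for _, name := range list {
			if n := strings.ToLower(strings.TrimSpace(name)); n != "" {
				set[n] = struct{}{}
			}
		}
	}
	return set
}

// Redact returns a copy of headers that is safe to log; the input is never modified.
func Redact(sensitive map[string]struct{}, headers map[string][]string) map[string][]string {
	out := make(map[string][]string, len(headers))
	for name, values := range headers {
		if _, hit := sensitive[strings.ToLower(name)]; hit {
			out[name] = []string{"[redacted]"}
			continue
		}
		out[name] = append([]string(nil), values...)
	}
	return out
}

func main() {
	// Constructed request headers; the address is from a documentation range.
	req := map[string][]string{
		"Cookie":          {"session=abc"},
		"X-Forwarded-For": {"203.0.113.7"},
		"User-Agent":      {"curl/8.0"},
	}
	safe := Redact(NewRedactor([]string{"cf-connecting-ip", "forwarded", "x-forwarded-for"}), req)
	fmt.Println(safe["Cookie"], safe["X-Forwarded-For"], safe["User-Agent"])
}
```

Matching on the lower-cased name matters because proxies and clients send the same header in different casings; an exact-match list would let `X-Forwarded-For` through when the config says `x-forwarded-for`.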