Output Masking
These rules apply only to display-layer output. Stored OTEL, RUM, replay, and issue payloads are not modified in the database. Default rules remain active at all times; use this page to add environment-specific keys and regex patterns.
Active Sensitive Keys
28
0 custom + 28 defaults
Active Regex Patterns
12
0 custom + 12 defaults
Use Cases
UI tables, detail panels, replay JSON previews, regex sample APIs, notifications, and GitHub issue text.
Global Output Masking
SQL/Query Field Masking
Preview Current Rules
Masked output will appear here.
Add Custom Sensitive Key
Keys are normalized to lowercase before matching.
Custom Sensitive Keys
0No custom key rules yet.
Default Sensitive Keys
28
access_token
api_key
api_secret
apikey
auth_token
authorization
backup_encryption_password
bearer_token
card_number
client_secret
credit_card
cvc
cvv
id_token
passwd
password
private-key
private_key
pwd
refresh_token
s3_secret_access_key
secret
smtp_password
social_security_number
ssn
token
x-api-key
x-authorization
Add Custom Regex Pattern
Patterns are applied with DOTALL matching against rendered string values.
Custom Regex Patterns
0No custom regex rules yet.
Default Regex Patterns
12- \b[A-Za-z0-9._%+\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,}\b
- \beyJ[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]*\b
- (?i)bearer\s+[A-Za-z0-9\-_.~+/]+=*
- \bAKIA[0-9A-Z]{16}\b
- \b\d{3}-\d{2}-\d{4}\b
- \b4[0-9]{12}(?:[0-9]{3})?\b
- \b5[1-5][0-9]{14}\b
- \b3[47][0-9]{13}\b
- \b6(?:011|5[0-9]{2})[0-9]{12}\b
- -----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----[\s\S]+?-----END (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----
- (?i)(?:password|passwd|pwd|secret|api[_\-]?key|auth[_\-]?token|access[_\-]?token)\s*[=:]\s*['\"]?[A-Za-z0-9\-_.~+/!@#$%^&*]{6,}['\"]?
- (?i)(?:Authorization|X-Api-Key|X-Auth-Token)\s*:\s*[^\r\n]+