Update Data Masking

vazquezlopez · June 6, 2022, 9:05pm

Hello,

I triying Data Masking, with this documentation: https://cloud.google.com/apigee/docs/api-platform/security/data-masking

But, when I used “updateMask”, the request is OK, but there is not any update in my data masking. Any suggestion about how I must use “updateMask”?

I sent:

curl “https://apigee.googleapis.com/v1/organizations/gdc-latam-apigee-internal-1/environments/dev/debugmask?updateMask” -X PATCH -H “Authorization: Bearer $TOKEN” -H “Content-type: application/json” -d ‘{
“requestJSONPaths”: [
“$.store.book[].date",
"$.store.book[].version”
],
“variables”: [
“request.header.via”
],
}’

Set the updateMask query parameter to specify a field mask that includes a comma-separated list of fully-qualified names of fields in the debug mask. For example: "requestJSONPaths"

dchiesa1 · June 7, 2022, 2:19pm

I think maybe you have a stray trailing comma. This works for me.

$ curl "https://apigee.googleapis.com/v1/organizations/$ORG/environments/$ENV/debugmask" \
  -X PATCH -H "Authorization: Bearer $TOKEN" \
  -H "Content-type: application/json" -d '{
     "requestJSONPaths": [
       "$.store.book[*].date",
       "$.store.book[*].version"
     ],
     "variables": [
       "request.header.via"
     ]
}'

vazquezlopez · June 13, 2022, 4:18pm

Thank you Dino. Without the comma it works. But, my question reffer to parameter “updateMask” in the URL, I’ve used “updateMask=requestJSONPaths”, for example, when I specify requestJSONPaths, only updated this field, and it must to have all fields, ex. “updateMask=requestJSONPaths&updateMask=variables” to update all JSON request.

So, my question is what is the difference to send “updateMask” and not send it.

curl “https://apigee.googleapis.com/v1/organizations/$ORG/environments/$ENV/debugmask?updateMask=requestJSONPaths” -X PATCH -H “Authorization: Bearer $TOKEN” -H “Content-type: application/json” -d ‘{
“requestJSONPaths”: [
“$.store.book[].tittle",
"$.store.book[].ssb”
],
“variables”: [
“request.header.ip”
]
}’

dchiesa1 · June 13, 2022, 5:11pm

So, my question is what is the difference to send “updateMask” and not send it.

I think that if you do not include a field in “updateMask” then the field will not be updated. Right? I think that’s how the API is defined. I am assuming that’s how the service endpoint knows how to apply the PATCH request.

vazquezlopez · June 15, 2022, 3:10pm

I suppose that, although if it is not sent, it updates everything without problem. Thank you for your reply.

dchiesa1 · December 5, 2025, 6:34pm

a Further example for other future readers:

PATCH :apigee/v1/organizations/:org/environments/:env/debugmask
Content-Type: application/json
Authorization: Bearer :token

{
  "namespaces": {
    "myco": "http://example.com"
  },
  "requestXPaths": [
    "/myco:employee/myco:name",
    "/password"
  ],
  "requestJSONPaths": [
    "$.store.book[*].date",
    "$.store.book[*].version",
    "$.password"
  ],
  "variables": [
    "request.header.via",
    "another-variable-name"
  ]
}

Topic		Replies	Views
Data masking fails to mask json field Apigee api-runtime	6	66	October 3, 2018
Data Masking Request Content error during deployment Apigee api-runtime	10	131	May 6, 2015
Apigee Data Masking per env Apigee api-runtime	21	15	March 12, 2024

Update Data Masking

AI Suggested topics