API test requests and responses may contain sensitive data, such as access tokens, refresh tokens, and authorization used to access services. To avoid accidental exposure of these secrets, we have updated API test screens to mask sensitive information when a user views results for a particular step.
When you review results on the Test Output page and in the API Test Editor, the values of sensitive properties or headers are replaced with a
***** placeholder. This initial release covers the Auth, Headers, and JSON Body tabs.
If you want to view the masked values in a specific tab, you can click on the
Show icon in the upper right corner.
Initial view with masked values
When sensitive values are revealed in that particular tab, the
Show button changes to
Hide. To mask values again, click on the
View with revealed values
If you navigate away from a tab where values are revealed and return to it later, the sensitive values will be masked again when tab is reopened.
Note that names are case insensitive.
For more information on reviewing API tests, check out our docs.