Hiding Sensitive Information

We need to configure ScanAPI to hide the sensitive information of /login in our report. Create a configuration file named scanapi.conf in the root directory with the following content:

report:
  hide_request:
    body:
      - password
  hide_response:
    body:
      - key

The folder structure should look like this now:

- scanapi (root directory)
├── .env
├── scanapi-report.html
├── scanapi.conf
└── scanapi.yaml

Let’s run ScanAPI again and reload the report:

$ scanapi run

Hidden Credentials

Hidden key

Note that all sensitive fields are properly hidden now. Great, so let’s make some authenticated requests using the Authentication Token you received in the /login response.
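The visual check of the report can also be scripted, so a report is never shared with a credential still in it. The script below is an added example, not part of ScanAPI or of the original tutorial; it assumes the credentials are stored in .env as KEY=VALUE lines, and the variable names in its comments are hypothetical.

```python
# Added example: fail if any value from .env still appears in the report.
# Assumption: secrets are stored in .env as KEY=VALUE (e.g. a hypothetical API_PASSWORD).
import html
import json
from pathlib import Path


def parse_env(text):
    """Parse KEY=VALUE lines from a .env file, skipping blanks and comments."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, _, value = line.partition("=")
        values[name.strip()] = value.strip().strip("'\"")
    return values


def encodings(secret):
    """Forms a secret can take inside an HTML report: raw, HTML-escaped, JSON-escaped."""
    json_form = json.dumps(secret)[1:-1]
    return {secret, html.escape(secret), json_form, html.escape(json_form)}


def find_leaks(report_html, secrets, min_length=4):
    """Return the sorted names of secrets whose value appears in the report."""
    leaked = set()
    for name, value in secrets.items():
        if len(value) < min_length:  # too short to match without false positives
            continue
        if any(form in report_html for form in encodings(value)):
            leaked.add(name)
    return sorted(leaked)


if __name__ == "__main__":
    env_file, report_file = Path(".env"), Path("scanapi-report.html")
    if env_file.exists() and report_file.exists():
        leaks = find_leaks(report_file.read_text(encoding="utf-8"),
                           parse_env(env_file.read_text(encoding="utf-8")))
        for name in leaks:
            print(f"LEAK: value of {name} is present in {report_file}")
        raise SystemExit(1 if leaks else 0)
    print("Run from the directory that holds .env and scanapi-report.html")
```

Run it from the root directory after scanapi run. It only knows the values stored in .env, so the key returned by /login at run time is not covered by this check.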