Skip to content

WIP: Encrypt API log parameters

Sam Sehnert requested to merge hotfix/api_security_encryption into master

What I did

  • Implemented encryption for saving parameters to the API log.

Implications

More difficult to recreate issues, but more secure.

Setup

Run migration for adding new encryption initialisation vector field.

How to test

Do some API requests and observe that the arguments are encrypted in the Database. Ensure they can be decrypted with the key in order to view.

Task: {{link}}

Merge request reports