
Releases: speakeasy-api/speakeasy-typescript-sdk

v1.3.2

03 Oct 10:14
b0ecb82
chore: update tests from test-suite (#9)

Masking for sensitive data

23 Aug 16:37
580ff10

The Speakeasy SDK now supports masking sensitive data. Details below:

Masking sensitive data

Speakeasy can mask sensitive data in the query string parameters, headers, cookies and request/response bodies captured by the SDK. This is useful for maintaining sensitive data isolation, and retaining control over the data that is captured.

Using the Advanced Configuration section above, you can ignore certain routes completely by not assigning the middleware to their router, so that the SDK does not capture any requests to that router.

If you would like to be more selective, you can mask specific sensitive data using our middleware controller, which lets you mask fields as needed in different handlers:

import express from "express";
import speakeasy, { Masking } from '@speakeasy-api/speakeasy-typescript-sdk';

const app = express();
app.use(speakeasy.expressMiddleware());
app.all("/", (req, res) => {
  // Mask the authorization header in the request
  const ctrl = req.controller;
  ctrl.setMaskingOpts(Masking.withRequestHeaderMask("authorization"));

  // the rest of your handler's code
});

The Masking function takes a number of different options to mask sensitive data in the request:

  • Masking.withQueryStringMask - withQueryStringMask will mask the specified query strings with an optional mask string.
  • Masking.withRequestHeaderMask - withRequestHeaderMask will mask the specified request headers with an optional mask string.
  • Masking.withResponseHeaderMask - withResponseHeaderMask will mask the specified response headers with an optional mask string.
  • Masking.withRequestCookieMask - withRequestCookieMask will mask the specified request cookies with an optional mask string.
  • Masking.withResponseCookieMask - withResponseCookieMask will mask the specified response cookies with an optional mask string.
  • Masking.withRequestFieldMaskString - withRequestFieldMaskString will mask the specified request body fields with an optional mask. Supports string fields only. Matches using regex.
  • Masking.withRequestFieldMaskNumber - withRequestFieldMaskNumber will mask the specified request body fields with an optional mask. Supports number fields only. Matches using regex.
  • Masking.withResponseFieldMaskString - withResponseFieldMaskString will mask the specified response body fields with an optional mask. Supports string fields only. Matches using regex.
  • Masking.withResponseFieldMaskNumber - withResponseFieldMaskNumber will mask the specified response body fields with an optional mask. Supports number fields only. Matches using regex.
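
Each field-mask option in the list above supports only one JSON type, so the mask has to match the type of the field it protects. The following added example (not code from the SDK or from this release; `maskStringField`, `maskNumberField`, the default mask values and the sample body are hypothetical) sketches regex-based field masking over a JSON body and shows what happens when a string mask is pointed at a numeric field:

```typescript
// Added illustration, not the Speakeasy SDK's implementation.
// maskStringField, maskNumberField and the default masks are hypothetical.

function escapeRegExp(s: string): string {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Replace the value of every JSON *string* field named `field`.
// The value pattern accepts escaped characters such as \" inside the string.
function maskStringField(body: string, field: string, mask = "__masked__"): string {
  const re = new RegExp(`("${escapeRegExp(field)}"\\s*:\\s*)"(?:[^"\\\\]|\\\\.)*"`, "g");
  return body.replace(re, (_m, key: string) => key + JSON.stringify(mask));
}

// Replace the value of every JSON *number* field named `field`.
function maskNumberField(body: string, field: string, mask = -1): string {
  const re = new RegExp(
    `("${escapeRegExp(field)}"\\s*:\\s*)-?\\d+(?:\\.\\d+)?(?:[eE][+-]?\\d+)?`, "g");
  return body.replace(re, (_m, key: string) => key + String(mask));
}

// Constructed sample body: a string secret (with an escaped quote),
// a numeric secret, and a nested field that reuses the name "password".
const sampleBody: string = JSON.stringify({
  user: "alice",
  password: 'p@ss"w0rd',
  pin: 4921,
  profile: { password: "nested" },
});

// A string mask on a numeric field matches nothing: the PIN would still be captured.
const wrongType = maskStringField(sampleBody, "pin");

// Matching the mask type to the field type redacts both secrets,
// including the nested "password" field.
const redacted = maskNumberField(maskStringField(sampleBody, "password"), "pin");

console.log(wrongType === sampleBody); // true
console.log(redacted);
```

After configuring masks in the SDK, inspect a captured request for each sensitive field and confirm it shows the mask rather than the original value.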

Masking can also be done more globally on all routes or a selection of routes by taking advantage of middleware. Here is an example:

import speakeasy, { Config, Masking } from "@speakeasy-api/speakeasy-typescript-sdk";
import express, { Request, Response, NextFunction } from "express";

const app = express();

// Configure the global speakeasy SDK instance
const cfg: Config = {
  apiKey: "YOUR API KEY HERE",       // retrieve from Speakeasy API dashboard.
  apiID: "YOUR API ID HERE",         // custom Api ID to associate captured requests with.
  versionID: "YOUR VERSION ID HERE", // custom Version ID to associate captured requests with.
  port: 3000,                        // The port number your express app is listening on (required to build full URLs on non-standard ports)
};
speakeasy.configure(cfg);

// Add the speakeasy middleware to your express app
app.use(speakeasy.expressMiddleware());
app.use((req: Request, res: Response, next: NextFunction) => {
  // Mask the authorization header in the request for all requests served by this middleware
  const ctrl = req.controller;
  ctrl.setMaskingOpts(Masking.withRequestHeaderMask("authorization"));
  next();
});

Support SDK driven request identification to power enhanced platform capabilities

13 Aug 19:51

  • Adds support for setting an apiID and versionID per SDK instance to allow requests to be associated with APIs in the platform unambiguously.
  • Adds support for extracting path hints (or providing them manually), which helps the platform associate requests with endpoints unambiguously.
  • Adds support for setting a customerID per request to allow requests to be filtered per API customer/user.
  • Adds support for routers and frameworks based on NodeJS, specifically Express and NestJS.