We've enhanced the security and privacy of your API documentation by automatically masking sensitive fields such as API keys, tokens, and credentials in code samples and the authentication section. Sensitive values are now hidden during display but remain accessible when copied, reducing the risk of accidental exposure.
What's New?
In many API documentation and SDK examples, sensitive fields were previously shown in plain text—increasing the risk of accidental exposure when sharing screenshots or demos. With this enhancement, the Developer Portal now applies conditional masking to all identified sensitive fields.
How it works:
- Sensitive values appear masked in the UI (e.g.,
mM****************KM) - When copied, the actual values are restored for proper use in development
- Masking applies to both code samples and the authentication section
- After
- Before
New Portal Setting
A new configuration setting maskSensitiveValues allows you to control masking behavior globally:
{
"generatePortal": {
"portalSettings": {
"maskSensitiveValues": true
}
}
}
For details, see the documentation for maskSensitiveValues.
This setting is only supported for portals generated via Docs as Code.