{"componentChunkName":"component---src-templates-platform-tsx","path":"/platforms/javascript/data-management/sensitive-data/","result":{"data":{"file":{"id":"0f43dec1-46dd-5a41-9378-de330808d6b1","relativePath":"common/data-management/sensitive-data/index.mdx","sourceInstanceName":"platforms","childMarkdownRemark":null,"childMdx":{"body":"function _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsx mdx */\nvar _frontmatter = {\n  \"title\": \"Scrubbing Sensitive Data\",\n  \"sidebar_order\": 1,\n  \"keywords\": [\"pii\", \"gdpr\", \"personally identifiable data\", \"compliance\"],\n  \"redirect_from\": [\"/learn/sensitive-data/\"]\n};\n\nvar makeShortcode = function makeShortcode(name) {\n  return function MDXDefaultShortcode(props) {\n    console.warn(\"Component \" + name + \" was not imported, exported, or provided by MDXProvider as global scope\");\n    return mdx(\"div\", props);\n  };\n};\n\nvar PlatformSection = makeShortcode(\"PlatformSection\");\nvar PlatformContent = makeShortcode(\"PlatformContent\");\nvar Note = makeShortcode(\"Note\");\nvar CodeTabs = makeShortcode(\"CodeTabs\");\nvar CodeBlock = makeShortcode(\"CodeBlock\");\nvar layoutProps = {\n  _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n  var components = _ref.components,\n      props = _objectWithoutProperties(_ref, [\"components\"]);\n\n  return mdx(MDXLayout, _extends({}, layoutProps, props, {\n    components: components,\n    mdxType: \"MDXLayout\"\n  }), mdx(\"p\", null, \"As with any third-party service it\\u2019s important to understand what data is being sent to Sentry, and where relevant ensure sensitive data either never reaches the Sentry servers, or at the very least it doesn\\u2019t get stored. We recommend filtering or scrubbing sensitive data within the SDK, so that data is not sent with the event, and also configuring server-side scrubbing to ensure the data is not stored.\"), mdx(\"p\", null, \"There are two great examples for data scrubbing that every company should think about:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"PII (Personally Identifiable Information) such as a user's name or email address, which post-GDPR should be on every company's mind.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Authentication credentials, like your AWS password or key.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Confidential IP (Intellectual Property), such as your favorite color, or your upcoming plans for world domination.\")), mdx(\"h2\", {\n    \"id\": \"personally-identifiable-information-pii\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", _extends({\n    parentName: \"h2\"\n  }, {\n    \"href\": \"#personally-identifiable-information-pii\",\n    \"aria-label\": \"personally identifiable information pii permalink\",\n    \"className\": \"anchor before\"\n  }), mdx(\"svg\", _extends({\n    parentName: \"a\"\n  }, {\n    \"viewBox\": \"0 0 24 24\",\n    \"xmlns\": \"http://www.w3.org/2000/svg\"\n  }), mdx(\"path\", _extends({\n    parentName: \"svg\"\n  }, {\n    \"d\": \"M10.879 6.05L15 1.93A5.001 5.001 0 0 1 22.071 9l-4.121 4.121a1 1 0 0 1-1.414-1.414l4.12-4.121a3 3 0 1 0-4.242-4.243l-4.121 4.121a1 1 0 1 1-1.414-1.414zm2.242 11.9L9 22.07A5 5 0 1 1 1.929 15l4.121-4.121a1 1 0 0 1 1.414 1.414l-4.12 4.121a3 3 0 1 0 4.242 4.243l4.121-4.121a1 1 0 1 1 1.414 1.414zm-8.364-.122l13.071-13.07a1 1 0 0 1 1.415 1.414L6.172 19.242a1 1 0 1 1-1.415-1.414z\",\n    \"fill\": \"currentColor\"\n  })))), \"Personally Identifiable Information (PII)\"), mdx(\"p\", null, \"Our newer SDKs do not purposefully send PII to stay on the safe side. This behavior is controlled by an option called \", mdx(\"a\", _extends({\n    parentName: \"p\"\n  }, {\n    \"href\": \"../../configuration/options/#send-default-pii\"\n  }), mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"send-default-pii\")), \".\"), mdx(\"p\", null, \"Turning this option on is required for certain features in Sentry to work, but also means you will need to be even more careful about what data is being sent to Sentry (using the options below).\"), mdx(PlatformSection, {\n    notSupported: [\"native.breakpad\", \"native.crashpad\", \"native.minidumps\", \"native.ue4\"],\n    mdxType: \"PlatformSection\"\n  }, \"If you _do not_ wish to use the default PII behavior, you can also choose to identify users in a more controlled manner, using our [user identity context](../../enriching-events/identify-user/).\"), mdx(\"h3\", {\n    \"id\": \"confidential-information-in-alerts\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", _extends({\n    parentName: \"h3\"\n  }, {\n    \"href\": \"#confidential-information-in-alerts\",\n    \"aria-label\": \"confidential information in alerts permalink\",\n    \"className\": \"anchor before\"\n  }), mdx(\"svg\", _extends({\n    parentName: \"a\"\n  }, {\n    \"viewBox\": \"0 0 24 24\",\n    \"xmlns\": \"http://www.w3.org/2000/svg\"\n  }), mdx(\"path\", _extends({\n    parentName: \"svg\"\n  }, {\n    \"d\": \"M10.879 6.05L15 1.93A5.001 5.001 0 0 1 22.071 9l-4.121 4.121a1 1 0 0 1-1.414-1.414l4.12-4.121a3 3 0 1 0-4.242-4.243l-4.121 4.121a1 1 0 1 1-1.414-1.414zm2.242 11.9L9 22.07A5 5 0 1 1 1.929 15l4.121-4.121a1 1 0 0 1 1.414 1.414l-4.12 4.121a3 3 0 1 0 4.242 4.243l4.121-4.121a1 1 0 1 1 1.414 1.414zm-8.364-.122l13.071-13.07a1 1 0 0 1 1.415 1.414L6.172 19.242a1 1 0 1 1-1.415-1.414z\",\n    \"fill\": \"currentColor\"\n  })))), \"Confidential Information in Alerts\"), mdx(\"p\", null, \"It\\u2019s common that compliance within your company may mean that data can only be transmitted over SSL and securely stored. One area where this often comes up is with email notifications. By default, Sentry will send a large amount of data as part of the issue notification. In some cases, this data may be source code or other user data.\"), mdx(\"p\", null, \"If you need to work around this, you can enable the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Enhanced Privacy\"), \" setting for your organization. To do so, visit your organization\\u2019s dashboard, click \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Settings\"), \", and then tick the option to enable enhanced privacy. Once you've enabled this setting, parts of the system, primarily email notifications, will immediately reflect the change and begin restricting data to only basic attributes, such as the issue title and description.\"), mdx(PlatformSection, {\n    notSupported: [\"perl\"],\n    mdxType: \"PlatformSection\"\n  }, mdx(\"h2\", {\n    \"id\": \"scrubbing-data\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", _extends({\n    parentName: \"h2\"\n  }, {\n    \"href\": \"#scrubbing-data\",\n    \"aria-label\": \"scrubbing data permalink\",\n    \"className\": \"anchor before\"\n  }), mdx(\"svg\", _extends({\n    parentName: \"a\"\n  }, {\n    \"viewBox\": \"0 0 24 24\",\n    \"xmlns\": \"http://www.w3.org/2000/svg\"\n  }), mdx(\"path\", _extends({\n    parentName: \"svg\"\n  }, {\n    \"d\": \"M10.879 6.05L15 1.93A5.001 5.001 0 0 1 22.071 9l-4.121 4.121a1 1 0 0 1-1.414-1.414l4.12-4.121a3 3 0 1 0-4.242-4.243l-4.121 4.121a1 1 0 1 1-1.414-1.414zm2.242 11.9L9 22.07A5 5 0 1 1 1.929 15l4.121-4.121a1 1 0 0 1 1.414 1.414l-4.12 4.121a3 3 0 1 0 4.242 4.243l4.121-4.121a1 1 0 1 1 1.414 1.414zm-8.364-.122l13.071-13.07a1 1 0 0 1 1.415 1.414L6.172 19.242a1 1 0 1 1-1.415-1.414z\",\n    \"fill\": \"currentColor\"\n  })))), \"Scrubbing Data\"), mdx(\"p\", null, \"SDKs provide a \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"before-send\"), \" hook, which is invoked before an event is sent and can be used to modify event data to remove sensitive information. Using \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"before-send\"), \" in the SDKs to \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"scrub any data before it is sent\"), \" is the recommended scrubbing approach, so sensitive data never leaves the local environment.\"), mdx(PlatformContent, {\n    includePath: \"configuration/before-send\",\n    mdxType: \"PlatformContent\"\n  }), mdx(Note, {\n    mdxType: \"Note\"\n  }, mdx(\"markdown\", null, mdx(\"p\", null, \"Ensure that your team is aware of your company's policy around what can and cannot be sent to Sentry. We recommend determining this policy early in your implementation and communicating it as well as enforcing it via code review.\"))), mdx(\"p\", null, \"There's a few areas you should consider that sensitive data may appear:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Stack-locals \\u2192 some SDKs (Python + PHP), will pick up variable values within the stacktrace. This can be scrubbed or disabled altogether, if necessary\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Breadcrumbs \\u2192 some SDKs (for example, JavaScript, Java logging integrations) will pick up previously executed log statements. \", mdx(\"strong\", {\n    parentName: \"li\"\n  }, \"Do not log PII\"), \" if using this feature and including log statements as breadcrumbs in the event. Some backend SDKs will surface DB queries which may need to be scrubbed\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"User context \\u2192 automated behavior is controlled via \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"send-default-pii\")), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"HTTP context \\u2192 query strings may be picked up in some frameworks as part of the HTTP request context\")), mdx(\"p\", null, \"For more details, see \", mdx(\"a\", _extends({\n    parentName: \"p\"\n  }, {\n    \"href\": \"../../configuration/filtering/\"\n  }), mdx(\"em\", {\n    parentName: \"a\"\n  }, \"Filtering Events\")), \".\"), mdx(\"h3\", {\n    \"id\": \"examples\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", _extends({\n    parentName: \"h3\"\n  }, {\n    \"href\": \"#examples\",\n    \"aria-label\": \"examples permalink\",\n    \"className\": \"anchor before\"\n  }), mdx(\"svg\", _extends({\n    parentName: \"a\"\n  }, {\n    \"viewBox\": \"0 0 24 24\",\n    \"xmlns\": \"http://www.w3.org/2000/svg\"\n  }), mdx(\"path\", _extends({\n    parentName: \"svg\"\n  }, {\n    \"d\": \"M10.879 6.05L15 1.93A5.001 5.001 0 0 1 22.071 9l-4.121 4.121a1 1 0 0 1-1.414-1.414l4.12-4.121a3 3 0 1 0-4.242-4.243l-4.121 4.121a1 1 0 1 1-1.414-1.414zm2.242 11.9L9 22.07A5 5 0 1 1 1.929 15l4.121-4.121a1 1 0 0 1 1.414 1.414l-4.12 4.121a3 3 0 1 0 4.242 4.243l4.121-4.121a1 1 0 1 1 1.414 1.414zm-8.364-.122l13.071-13.07a1 1 0 0 1 1.415 1.414L6.172 19.242a1 1 0 1 1-1.415-1.414z\",\n    \"fill\": \"currentColor\"\n  })))), \"Examples\"), mdx(\"p\", null, mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Contextual information\")), mdx(\"p\", null, \"Instead of sending confidential information in plaintext, considering hashing it:\"), mdx(\"div\", {\n    \"className\": \"code-tabs-wrapper\"\n  }, mdx(CodeTabs, {\n    mdxType: \"CodeTabs\"\n  }, mdx(CodeBlock, {\n    language: \"javascript\",\n    title: \"\",\n    filename: \"\",\n    mdxType: \"CodeBlock\"\n  }, mdx(\"div\", _extends({\n    parentName: \"div\"\n  }, {\n    \"className\": \"gatsby-highlight\",\n    \"data-language\": \"javascript\"\n  }), mdx(\"pre\", _extends({\n    parentName: \"div\"\n  }, {\n    \"className\": \"language-javascript\"\n  }), mdx(\"code\", _extends({\n    parentName: \"pre\"\n  }, {\n    \"className\": \"language-javascript\"\n  }), \"Sentry\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \".\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token function\"\n  }), \"setTag\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"(\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token string\"\n  }), \"\\\"birthday\\\"\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \",\"), \" \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token function\"\n  }), \"checksum_or_hash\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"(\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token string\"\n  }), \"\\\"08/12/1990\\\"\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \")\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \")\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \";\"))))))), mdx(\"p\", null, \"This will allow you to correlate it within internal systems if needed, but keep it confidential from Sentry.\"), mdx(\"p\", null, mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"User details\")), mdx(\"p\", null, \"Your organization may determine that emails are not considered confidential, but if they are, consider instead sending your internal identifier:\"), mdx(\"div\", {\n    \"className\": \"code-tabs-wrapper\"\n  }, mdx(CodeTabs, {\n    mdxType: \"CodeTabs\"\n  }, mdx(CodeBlock, {\n    language: \"javascript\",\n    title: \"\",\n    filename: \"\",\n    mdxType: \"CodeBlock\"\n  }, mdx(\"div\", _extends({\n    parentName: \"div\"\n  }, {\n    \"className\": \"gatsby-highlight\",\n    \"data-language\": \"javascript\"\n  }), mdx(\"pre\", _extends({\n    parentName: \"div\"\n  }, {\n    \"className\": \"language-javascript\"\n  }), mdx(\"code\", _extends({\n    parentName: \"pre\"\n  }, {\n    \"className\": \"language-javascript\"\n  }), \"Sentry\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \".\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token function\"\n  }), \"setUser\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"(\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"{\"), \" id\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token operator\"\n  }), \":\"), \" user\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \".\"), \"id \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"}\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \")\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \";\"), \"\\n\\n\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token comment\"\n  }), \"// or\"), \"\\n\\nSentry\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \".\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token function\"\n  }), \"setUser\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"(\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"{\"), \" username\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token operator\"\n  }), \":\"), \" user\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \".\"), \"username \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"}\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \")\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \";\"))))))), mdx(\"p\", null, \"Doing this will ensure you still benefit from user-impact related features.\"), mdx(\"p\", null, mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Logging integrations\")), mdx(\"p\", null, \"As a best practice you should always avoid logging confidential information. If you have legacy systems you need to work around, consider the following:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Anonymize the confidential information within the log statements (for example, swap out email addresses -> for internal identifiers)\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Use \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"beforeBreadcrumb\"), \" to filter it out from breadcrumbs before it is attached\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Disable logging breadcrumb integration (for example, as described \", \"[here]\", \" /platforms/javascript/#breadcrumbs-10)\"))), mdx(\"h3\", {\n    \"id\": \"server-side-controls\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", _extends({\n    parentName: \"h3\"\n  }, {\n    \"href\": \"#server-side-controls\",\n    \"aria-label\": \"server side controls permalink\",\n    \"className\": \"anchor before\"\n  }), mdx(\"svg\", _extends({\n    parentName: \"a\"\n  }, {\n    \"viewBox\": \"0 0 24 24\",\n    \"xmlns\": \"http://www.w3.org/2000/svg\"\n  }), mdx(\"path\", _extends({\n    parentName: \"svg\"\n  }, {\n    \"d\": \"M10.879 6.05L15 1.93A5.001 5.001 0 0 1 22.071 9l-4.121 4.121a1 1 0 0 1-1.414-1.414l4.12-4.121a3 3 0 1 0-4.242-4.243l-4.121 4.121a1 1 0 1 1-1.414-1.414zm2.242 11.9L9 22.07A5 5 0 1 1 1.929 15l4.121-4.121a1 1 0 0 1 1.414 1.414l-4.12 4.121a3 3 0 1 0 4.242 4.243l4.121-4.121a1 1 0 1 1 1.414 1.414zm-8.364-.122l13.071-13.07a1 1 0 0 1 1.415 1.414L6.172 19.242a1 1 0 1 1-1.415-1.414z\",\n    \"fill\": \"currentColor\"\n  })))), \"Server-Side Controls\"), mdx(\"p\", null, \"If you cannot - or do not want to - scrub data within the SDK, Sentry provides a number of options to achieve this in the product itself. You'll find these settings under the \", mdx(\"strong\", {\n    parentName: \"p\"\n  }, \"Data Scrubber\"), \" option within both your Organization and individual Project settings. By default this is enabled, and we highly recommend you keep it that way. With it enabled, Sentry will scrub the following:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Values that look like they contain credit cards (using a basic regular expression)\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Values that themselves contain, or whose keynames contain, any of the following strings:\", mdx(\"ul\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"password\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"secret\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"passwd\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"api_key\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"apikey\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"access_token\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"auth_token\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"credentials\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"mysql_pwd\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"stripetoken\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"card\", \"[number]\"))), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Any keys which match values that you\\u2019ve added to the list of additional fields in your Project Settings.\")), mdx(\"p\", null, \"Sentry will redact arrays and literal values, but not entire objects. For example:\"), mdx(\"div\", {\n    \"className\": \"code-tabs-wrapper\"\n  }, mdx(CodeTabs, {\n    mdxType: \"CodeTabs\"\n  }, mdx(CodeBlock, {\n    language: \"bash\",\n    title: \"\",\n    filename: \"\",\n    mdxType: \"CodeBlock\"\n  }, mdx(\"div\", _extends({\n    parentName: \"div\"\n  }, {\n    \"className\": \"gatsby-highlight\",\n    \"data-language\": \"bash\"\n  }), mdx(\"pre\", _extends({\n    parentName: \"div\"\n  }, {\n    \"className\": \"language-bash\"\n  }), mdx(\"code\", _extends({\n    parentName: \"pre\"\n  }, {\n    \"className\": \"language-bash\"\n  }), \"credentials \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token operator\"\n  }), \"=\"), \" \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"{\"), \"\\n  username: \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token string\"\n  }), \"'jane'\"), \",\\n  cats: \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"[\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token string\"\n  }), \"'pancake'\"), \", \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token string\"\n  }), \"'maple'\"), \", \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token string\"\n  }), \"'hellboy'\"), mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"]\"), \"\\n  password: \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token string\"\n  }), \"'p4ssw0rd!'\"), \",\\n  lastLogin: \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token string\"\n  }), \"'yesterday'\"), \",\\n  \", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"..\"), \".\\n\", mdx(\"span\", _extends({\n    parentName: \"code\"\n  }, {\n    \"className\": \"token punctuation\"\n  }), \"}\"))))))), mdx(\"p\", null, \"Using the default options would not cause the \", mdx(\"em\", {\n    parentName: \"p\"\n  }, \"object\"), \" \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"credentials\"), \" to be redacted in its entirety; rather, all of its entries would be subject to scrubbing. So \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"password\"), \" would be redacted by default, and adding \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"cats\"), \", \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"username\"), \", and/or \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"lastLogin\"), \" to the list of additional fields would cause those values to be redacted as well.\"), mdx(Note, {\n    mdxType: \"Note\"\n  }, mdx(\"markdown\", null, mdx(\"p\", null, \"You can choose to expand the keys which are scrubbed by the server, as well as prevent IP addresses from being stored. The latter is particularly important if you\\u2019re concerned about PII and using our Browser JavaScript SDK.\"))), mdx(\"p\", null, \"In addition, we provide an \", mdx(\"a\", _extends({\n    parentName: \"p\"\n  }, {\n    \"href\": \"advanced-datascrubbing/\"\n  }), mdx(\"em\", {\n    parentName: \"a\"\n  }, \"Advanced Data Scrubbing\")), \" feature which allows more control over how filters are applied..\"), mdx(\"h2\", {\n    \"id\": \"removing-data\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", _extends({\n    parentName: \"h2\"\n  }, {\n    \"href\": \"#removing-data\",\n    \"aria-label\": \"removing data permalink\",\n    \"className\": \"anchor before\"\n  }), mdx(\"svg\", _extends({\n    parentName: \"a\"\n  }, {\n    \"viewBox\": \"0 0 24 24\",\n    \"xmlns\": \"http://www.w3.org/2000/svg\"\n  }), mdx(\"path\", _extends({\n    parentName: \"svg\"\n  }, {\n    \"d\": \"M10.879 6.05L15 1.93A5.001 5.001 0 0 1 22.071 9l-4.121 4.121a1 1 0 0 1-1.414-1.414l4.12-4.121a3 3 0 1 0-4.242-4.243l-4.121 4.121a1 1 0 1 1-1.414-1.414zm2.242 11.9L9 22.07A5 5 0 1 1 1.929 15l4.121-4.121a1 1 0 0 1 1.414 1.414l-4.12 4.121a3 3 0 1 0 4.242 4.243l4.121-4.121a1 1 0 1 1 1.414 1.414zm-8.364-.122l13.071-13.07a1 1 0 0 1 1.415 1.414L6.172 19.242a1 1 0 1 1-1.415-1.414z\",\n    \"fill\": \"currentColor\"\n  })))), \"Removing Data\"), mdx(\"p\", null, \"If you\\u2019ve accidentally sent sensitive data to the server it\\u2019s likely you\\u2019re not going to want to leave it there. There are a few things to note in removal:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"If you send it as a tagged value, removing the event is not enough. You can visit Project Settings and under Tags you\\u2019ll find a way to permanently remove any related data for a given tag.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"If you need to wipe just a single event, you\\u2019ll find the ability to bulk delete all sampled events under a rollup by visiting the rollup details page and selecting \\u201CDelete\\u201D.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"If you send sparse events to a project (potentially all of them), your only option is to remove the project and re-create it. Keep in mind this will revoke API credentials, so you likely want to do this in the reverse order.\")));\n}\n;\nMDXContent.isMDXComponent = true;","tableOfContents":{"items":[{"url":"#personally-identifiable-information-pii","title":"Personally Identifiable Information (PII)","items":[{"url":"#confidential-information-in-alerts","title":"Confidential Information in Alerts"}]},{"url":"#scrubbing-data","title":"Scrubbing Data","items":[{"url":"#examples","title":"Examples"},{"url":"#server-side-controls","title":"Server-Side Controls"}]},{"url":"#removing-data","title":"Removing Data"}]},"internal":{"type":"Mdx"}}}},"pageContext":{"excerpt":"As with any third-party service it’s important to understand what data is being sent to Sentry, and where relevant ensure sensitive data either never reaches the Sentry servers, or at the very least it doesn’t get stored. We recommend filtering or scrubbing sensitive data within the SDK, so that data is not sent with the event, and also configuring server-side scrubbing to ensure the data is not stored. There are two great examples for data scrubbing that every company should think about: PII (Personally Identifiable Information) such as a user's name or email address, which post-GDPR should be on every company's mind. Authentication credentials, like your AWS password or key. Confidential IP (Intellectual Property), such as your favorite color, or your upcoming plans for world domination. Personally Identifiable Information (PII) Our newer SDKs do not purposefully send PII to stay on the safe side. This behavior is controlled by an option called  send-default-pii . Turning this option on is required for certain features in Sentry to work, but also means you will need to be even more careful about what data is being sent to Sentry (using the options below). Confidential Information in Alerts It’s common that compliance within your company may mean that data can only be transmitted over SSL and securely stored. One area where this often comes up is with email notifications. By default, Sentry will send a large amount of data as part of the issue notification. In some cases, this data may be source code or other user data. If you need to work around this, you can enable the  Enhanced Privacy  setting for your organization. To do so, visit your organization’s dashboard, click  Settings , and then tick the option to enable enhanced privacy. Once you've enabled this setting, parts of the system, primarily email notifications, will immediately reflect the change and begin restricting data to only basic attributes, such as the issue title and description. Scrubbing Data SDKs provide a  before-send  hook, which is invoked before an event is sent and can be used to modify event data to remove sensitive information. Using  before-send  in the SDKs to  scrub any data before it is sent  is the recommended scrubbing approach, so sensitive data never leaves the local environment. Ensure that your team is aware of your company's policy around what can and cannot be sent to Sentry. We recommend determining this policy early in your implementation and communicating it as well as enforcing it via code review. There's a few areas you should consider that sensitive data may appear: Stack-locals → some SDKs (Python + PHP), will pick up variable values within the stacktrace. This can be scrubbed or disabled altogether, if necessary Breadcrumbs → some SDKs (for example, JavaScript, Java logging integrations) will pick up previously executed log statements.  Do not log PII  if using this feature and including log statements as breadcrumbs in the event. Some backend SDKs will surface DB queries which may need to be scrubbed User context → automated behavior is controlled via  send-default-pii HTTP context → query strings may be picked up in some frameworks as part of the HTTP request context For more details, see  Filtering Events . Examples Contextual information Instead of sending confidential information in plaintext, considering hashing it: This will allow you to correlate it within internal systems if needed, but keep it confidential from Sentry. User details Your organization may determine that emails are not considered confidential, but if they are, consider instead sending your internal identifier: Doing this will ensure you still benefit from user-impact related features. Logging integrations As a best practice you should always avoid logging confidential information. If you have legacy systems you need to work around, consider the following: Anonymize the confidential information within the log statements (for example, swap out email addresses -> for internal identifiers) Use  beforeBreadcrumb  to filter it out from breadcrumbs before it is attached Disable logging breadcrumb integration (for example, as described  here  /platforms/javascript/#breadcrumbs-10) Server-Side Controls If you cannot - or do not want to - scrub data within the SDK, Sentry provides a number of options to achieve this in the product itself. You'll find these settings under the  Data Scrubber  option within both your Organization and individual Project settings. By default this is enabled, and we highly recommend you keep it that way. With it enabled, Sentry will scrub the following: Values that look like they contain credit cards (using a basic regular expression) Values that themselves contain, or whose keynames contain, any of the following strings: password secret passwd api_key apikey access_token auth_token credentials mysql_pwd stripetoken card number Any keys which match values that you’ve added to the list of additional fields in your…","title":"Scrubbing Sensitive Data","sidebar_order":1,"redirect_from":["/learn/sensitive-data/"],"keywords":["pii","gdpr","personally identifiable data","compliance"],"platform":{"name":"javascript","title":"JavaScript"},"notoc":true,"id":"0f43dec1-46dd-5a41-9378-de330808d6b1"}},"staticQueryHashes":["1218203755","1222113826","1222113826","1766336459","2158593473","2404336828","2472290386","2764967025","3818502851","4015007367","4192517163","4264099332","518019976"]}