Data Redaction

Our agent lets you define custom data redaction functions. Use them when you don't want sensitive data from your application getting captured in developer's frontend.

In the following example, there is a simple express server with /secret endpoint defined on line 18. It defines a sensitive variable called secret at line 19 which you do not want to be captured in tracepoints or logpoints.

const heimdall = require('@dev0/heimdall-nodejs');
  apiKey : "<company api key>",
  captureFrameDataReductionCallback: (captureFrames) => {
    captureFrames[0].locals.secret = "XXXXXX"
    return captureFrames;

const express = require('express');
const app = express();
const port = 5000;
// Define routes
app.get('/', (req, res) => {
  res.send('Hello, World!');

app.get('/secret', (req, res) => {
  const secret = "SECRET DATA NOT MEANT FOR DEVS!";
  res.send('The secret is '+ secret);

You can specify the configuration parametercaptureFrameDataReductionCallback at line 4 which defines the custom callback function. ArgumentcaptureFrames is a list of frames captured. Easily redact the secret variable from the top frame as done in this example. Remember to return the captureFrames variable at the end of the callback function.

Last updated