Airapi User Guide
  • 📙What is Airapi?
  • 📘Getting Started
    • Manage Environment
      • What is an Environment?
      • Add a New Environment
      • Update Environment
        • Reset Environment Cache
      • Delete Environment
      • Dashboard
      • Messages
      • Configurations
      • Endpoints
      • Applications
      • Documents
      • Agreements
      • Account Settings
    • Create Your Account
      • Verify Email
      • Forget Password
  • 📗Management Portal
    • API Definition
      • Consent Management
      • Scope Management
  • 📕Quota Management
    • Quota Management
    • API Base Quota
    • Application Base Quota
    • Domain Base Quota
  • 📔UK Open Banking
    • Account Details
    • Regular Payments
  • 📒TCMB Standard
    • Hata Kodları
  • 📓Advanced Features
    • App To App Authentication
    • mutual TLS
  • 📖How to
    • How To Get a Client Credential Token?
    • How To Get an AppToApp Token?
    • How To Add Multiple Function Policy?
    • How To Add Data Mask Policy?
    • How To Create a New Tenant User?
    • How To Configure Developer Portal?
    • How To Modify Global Rate Limit?
    • How To Retire an API?
    • How To Reject a Payment Initiation?
    • How To Add a Global Variable?
    • How To Restrict Working Hours?
    • How To Track Gateway Error?
    • How To Export/Import Endpoints?
    • How To Reject Account Consent?
    • How To Exclude an Endpoint?
    • How To Define an Endpoint?
    • How To Define a Mock Policy?
    • How To Define a Rate Limit Policy?
    • How To Define a Mail Policy?
    • How To Transform a Header?
    • How To XML to JSON?
    • How To JSON to XML?
  • 📙Release Notes
    • Versions
    • v2.1.80
    • v2.1.76
    • v2.1.72
    • v2.1.68
    • v2.1.64
    • v2.1.60
    • v2.1.56
    • v2.1.52
    • v2.1.44
    • v2.1.36
    • v2.1.20
    • v2.1.16
    • v2.0.96
    • v2.0.80
    • v2.0.72
    • v2.0.70
    • v2.0.66
    • v2.0.60
    • v2.0.55
    • v2.0.51
    • v2.0.50
    • v1.9.47
    • v1.9.46
    • v1.9.45
    • v1.9.44
    • v1.9.43
    • v1.9.42
    • v1.9.41
    • v1.9.40
    • v1.9.39
    • v1.9.38
    • v1.9.37
    • v1.9.3
    • v1.9.2
    • v1.9.1
    • v1.8.8
    • v1.8.7
    • v1.8.6
    • v1.8.5
    • v1.8.4
    • v1.8.3
    • v1.8.2
    • v1.8.1
    • v1.8.0
    • v1.7.9
    • v1.7.8
    • v1.7.7
    • v1.7.6
    • v1.7.5
    • v1.7.4
    • v1.7.3
    • v1.7.2
    • v1.7.1
    • v1.7.0
    • v1.6.9
    • v1.6.8
    • v1.6.7
    • v1.6.5
    • v1.6.2
    • v1.6.0
    • v1.5.8
    • v1.5.6
    • v1.5.4
    • v1.5
    • v1.4.6
    • v1.4.3
    • v1.4.0
    • v1.3.0
    • v1.2.1
    • v1.1.1
    • v0.8.6
  • ⚙️Planned Activities
Powered by GitBook
On this page
  • What is Data Mask Policy?
  • How It Works?
  1. How to

How To Add Data Mask Policy?

PreviousHow To Add Multiple Function Policy?NextHow To Create a New Tenant User?

Last updated 2 years ago

What is Data Mask Policy?

Data Masking enables entire copies or subsets of application data to be extracted and disguised from the bank services. Data Masking Policy provides a privacy solution for ApiGo users. With this policy, tenant admin can hide the sensitive customer data when supplying the developers with the bank services. ApiGo as a connection point between the bank and the developer transfer the sensitive data directly and logged the action with masked descriptions. So, ApiGo users save their data privacy and do not need to share them with the software service provider.

How It Works?

  1. ApiGo users can empower their privacy of APIs with Data Mask Policy when defining an endpoint in Management Portal. Tenant admin may want to mask the bank’s sensitive data when sharing the services powered by ApiGo for a variety of business needs. Data Mask policy is in General category and can be executed for the environments created with both Berlin Group and UK Open Banking Standards. Selected endpoint’s HTTP Method must be POST or PUT.

-> Endpoints -> Selected Endpoint -> Add Policy -> Masked Fields

2. After clicking on Masked Fields to add the policy, the tenant admin must input the data model of the related endpoint with a valid JSON format. All available fields will be brought on the data model with clicked on the “Get Fields” button. The selectable fields are listed and mask exception messages can be updated.

3. Tenant admin clicks on “Save” button to implement the policy for the selected endpoint and the changes must be published to respond the related request with masked data. The masked data can be seen in Berlin Group Standards as Payment Initiation and Account Consent and UK Open Banking Standards as only Payment Initiation details.

4. In example, when TPP sends a request to the gateway with the selected endpoint, the response message will be with masked Debtor Account IBAN and Debtor Account Currency. The difference between the details shows how the data mask policy changes the response messages. To check the action details, please visit the PIS & Account Consent menu for the environment created with Berlin Group Standards and Payment Initiation menu for the environment created with UK Open Banking Standards.

Management Portal -> PIS & Account Consent -> Payment Initiation Detail

- Payment Initiation without Data Mask Policy

- Payment Initiation with Data Mask Policy

📖
Management Portal
apigo data mask policy view
apigo data mask policy detail
apigo add data mask policy
apigo data mask policy