Data Masking

Data Masking helps protect sensitive information from being exposed within the Fyno Logs and User Profile. When enabled, sensitive data is displayed in a masked format while remaining securely stored and processed by the platform.

It can be used to prevent accidental exposure of personally identifiable information (PII), such as email addresses, phone numbers, identifiers, and other sensitive data contained in notification payloads.

Permissions

  • Only users with the Owner or Super Admin role can configure Data Masking settings.
  • Other users can view masked data based on their access permissions but cannot:
    • Enable or disable Default Masking or Regex Masking.
    • Change the masking type.

How Data Masking Works?

When Data Masking is enabled, Fyno masks sensitive information across the platform wherever it is displayed or stored. This includes, but is not limited to:

  • Destination details.
  • Data payloads received through APIs.
  • Generated logs.
  • Execution and debugging information.
  • Any other interfaces or records where sensitive data may be exposed.

The original values are stored and processed by Fyno as usual. However, whenever sensitive information is displayed within Logs and User Profile, including in logs, payload views, and other system-generated outputs, it is shown in a masked format.

For example, users viewing execution or delivery logs will see masked values instead of the original sensitive data, helping prevent unauthorized visibility while preserving operational insights..

Masked values are applied across supported logs and monitoring screens.

Enable Data Masking

1Navigate to Workspace Settings.
2Select Security.
3Locate the Data Masking section.
4Toggle Data Masking on.
5When enabling Data Masking for the first time, the configuration dialog opens automatically. Select the desired masking type and save your changes.

Configure Data Masking

When you enable Data Masking for the first time, the configuration dialog opens automatically, allowing you to select one of the available masking types. After Data Masking has been enabled, you can use Configure to modify the masking settings at any time.

Default Masking

Default Masking masks Destination and Data Payload values when they appear in logs, preventing sensitive information from being exposed while preserving the overall log structure and usability. When enabled:

  • Headers: All header values are masked by default.
  • Destinations: All destinations are masked by default.
  • Data Payloads: Only values matching supported masking patterns are masked.

Example: Default Masking

Original Request

Destination: john.doe@example.com

Data Payload

1{
2 "name": "John Doe",
3 "email": "john.doe@example.com",
4 "phone": "9876543210",
5 "orderId": "ORD12345",
6 "city": "Bangalore"
7}

Displayed in Fyno Logs

Destination: xxxxx

Data Payload

1{
2 "name": "xxxxx",
3 "email": "xxxxx",
4 "phone": "xxxxx",
5 "orderId": "xxxxx",
6 "city": "xxxxx"
7}

In Default Masking mode, all Destination and Data Payload values are masked regardless of whether they contain sensitive information.

Regex Masking

Regex Masking allows sensitive values to be identified and masked using predefined patterns. All destination and header values are masked by default.

For data payloads, Fyno scans the payload and masks only values that match supported patterns, including:

  • Email addresses
  • Phone numbers
  • Government IDs
  • Bank account details
  • Financial identifiers
  • Other sensitive information identified through predefined pattern-matching rules.

Example: Regex Masking

Original Request

Destination: john.doe@example.com

Data Payload

1{
2 "name": "John Doe",
3 "email": "john.doe@example.com",
4 "phone": "9876543210",
5 "orderId": "ORD12345",
6 "city": "Bangalore"
7}

Displayed in Fyno Logs

Destination: xxxxx

Data Payload

1{
2 "name": "John Doe",
3 "email": "xxxxx",
4 "phone": "xxxxx",
5 "orderId": "xxxxx",
6 "city": "Bangalore"
7}

Where Masking Is Applied

Masked values are displayed throughout Logs and User Profile, including:

  • Sent Logs
  • Notification Event Logs
  • Workflow Logs
  • Inbound Messaging Logs
  • Delivery Callback Logs
  • Verification Logs
  • User Profile

Sensitive values appear as masked text (for example, xxxxx) wherever Data Masking is applied.

Disabling Data Masking

To disable Data Masking:

1Navigate to Workspace Settings > Security.
2Turn off the Data Masking toggle.

Once disabled, data will be displayed according to the current access permissions and visibility settings configured for the workspace.