0

I am building an app-engine using java and i have the following line of code: 

@ApiMethod(name = "fetchfile", path = "fetchfile", apiKeyRequired = AnnotationBoolean.TRUE)

Now what is happening is that in the app-engine logs, i see the API key exposed:

/_ah/api/<app-engine name>/v1?key=***********

How can i hide the API key from exposing in the logs? Is there like a line i need to add so that it doesnt get in the logs?

Thank you!

1 Answers1

1

If it is your API, then you need to change it so that the API key can be provided in the headers instead of in the URL.

If it is someone else's API, then complain to them to have them do it.

There is no way to redact URLs in the logs but headers are not logged.

new name
  • 15,861
  • 19
  • 68
  • 114