Hi,

In the application ecosystem we are developing, one type of authentication is being made by calling an external service (Identity Provider) with the username and password. 

These fields are being passed as plain text in the request, as this is the way the external API is exposed. If logging is enabled in this REST API, then these requests will be available in Service Center, in the Integration Logs section. 

Additionally, in the current configuration, OutSystems Logs are being exported to an external logging repository (Elastic), and if logging is activated, this information will be exported to that repository as well.

Therefore, we would like to have a way to mask sensitive data sent/received in integrations logs, namely passwords.

Is there any way this information can be obfuscated/removed/masked in case an admin starts logging the requests/responses of the service in the Production environment?

Regards,
João Mateus