*This step is Optional
Overview
Data Masking is a process to mask all sensitive data available in Sandbox which will prevent developers or other users from viewing sensitive data. In the particular use cases where the Data Masking needs to be invoked by an external system, Cloud Compliance offers a REST API interface for masking sensitive data.
You can automate running Data Masking from Enterprise schedulers like Tidal, KRON & others that can make a REST API call.
This document explains how to invoke Data Masking configurations that are pre-configured via REST API using a JSON-based callout. The API performs data masking of sensitive data in the relevant sandbox whose details are provided in the configuration.
The REST APIs that are developed for this requirement are as follows –
1. POST Request: This is the 1st API that is used to execute data masking via REST.
URL
/services/apexrest/pcldm/v1/DataMaskerService |
Request Body
{“dataMaskingRequest”: { “maskingId”: “a004L000006AWuEQAW”}} |
2. POST Request: This is the second API that is used to retrieve the Status of masking after the execution is completed.
URL
/services/apexrest/pcldm/v1/FetchMaskingStatus |
Request Body
{“dataMaskingRequest”: {“executionId”: “a043h00000QvyytAAB”}} |
Solution Steps
1. Navigate->Configurations tab of the Data Masker application.
2. Click on the Configuration name. In this case, click on ‘UAT sandbox’.
3. Copy the Configuration id from the URL and paste this id into the REST script that needs to be executed for data masking.
4. Navigate-> REST tool such as Salesforce developer workbench, Postman, Insomnia, etc. (This example uses Salesforce Developer Workbench)
5. Navigate-> ‘REST Explorer’ from the Utility tab within the workbench and select the “POST” method
6. For the “POST” method, enter the DataMaskerService REST call URL
/services/apexrest/pcldm/v1/DataMaskerService |
7. Copy the Configuration id and paste it in the following JSON format of the request body.
{“dataMaskingRequest”: {“maskingId”: “a004L000006AWuEQAW”}} |
8. Click the “Execute” button to invoke the REST API
9. The REST API returns a Success status as True or False and the execution Id.
10. Use the 2nd REST API to get the execution status. Copy the execution id retrieved from the First API call and pass it to the second API to get the execution details. Again this is the POST method used to fetch the details.
URL
/services/apexrest/pcldm/v1/FetchMaskingStatus |
Request Body
{“dataMaskingRequest”: {“executionId”: “a045j000008VCN0AAO”}} |
11. Click on Execute to get the execution details. The attributes extracted from this REST API call out are as follows –
- status: true
- isProcessCompleted: true
- execution
- sfId: a045j000008VCN0AAO
- recordUrl: https://scalepclabs.my.salesforce.com/a045j000008VCN0AAO
- recordsTotal: 23
- recordsProcessed: 23
- recordsErrored: 0
- maskingStatus: Completed
- executionType: All
12. The detail raw response is as follows:
HTTP / 1.1 200 OKDate: Fri, 04 Mar 2022 11: 35: 36 GMTSet – Cookie: CookieConsentPolicy = 0: 1;path = /;expires = Sat, 04 – Mar – 2023 11: 35: 36 GMT;Max – Age = 31536000 Set – Cookie: LSKey – c$CookieConsentPolicy = 0: 1;path = /;expires = Sat, 04 – Mar – 2023 11: 35: 36 GMT;Max – Age = 31536000 Strict – Transport – Security: max – age = 63072000;includeSubDomains X – Content – Type – Options: nosniff X – XSS – Protection: 1;mode = block X – Robots – Tag: none Cache – Control: no – cache, must – revalidate, max – age = 0, no – store,private Set – Cookie: BrowserId = NbheW5uvEey1zs2_8w2v5Q;domain = .salesforce.com;path = /;expires = Sat, 04 – Mar – 2023 11: 35: 36 GMT;Max – Age = 31536000 Content – Type: application / json Vary: Accept – Encoding Content – Encoding: gzip Transfer – Encoding: chunked {“status”: true,”isProcessCompleted”: true,”execution”: {“sfId”: “a045j000008VCN0AAO”,”recordUrl”: “https://pcl-af-dev-ed.my.salesforce.com/a045j000008VCN0AAO””,”recordsTotal”: 23,”recordsProcessed”: 23,”recordsErrored”: 0,”maskingStatus”: “Completed”,”executionType”: “All”}} |