Redaction Rules
Source file: examples/redaction_rules.hen
What It Demonstrates
redact_headerredact_captureredact_body- combining explicit redaction with secret-derived values
Key Pattern
$ API_TOKEN = secret.file("./secrets/demo_client_id.txt")
redact_header = X-Session-Token
redact_capture = SESSION_ID
redact_body = body.session.accessToken
Run It
hen verify ./examples/redaction_rules.hen
hen run ./examples/redaction_rules.hen all --non-interactive
What To Notice
- Hen already masks common sensitive headers such as
Authorization. redact_capturekeeps exported values masked when they appear in later requests.redact_bodylets you hide sensitive response fields even when you do not export them.
Related reference: Secrets and redaction