KEYCLOAK-13160 Add support for Privacy Preserving Logging

Hello Keycloak experts,

I’m looking for feedback about the KEYCLOAK-13160 Add support for Privacy Preserving Logging
PR: https://github.com/keycloak/keycloak/pull/7180
JIRA: https://issues.redhat.com/browse/KEYCLOAK-13160

  • What needs regarding to privacy and logging do you have?
  • Do you need to exclude data from the log or would it be fine to mask / anonymize / encrypt the sensitive value?
  • Which sensitive values would you need to anonymize?
  • Would you use the suggested anonymization feature?
  • Would you use the suggested SPI to add your own PrivacyProvider implementation?
  • Do you miss something in the suggested implementation?

I’d love to hear your feedback :slight_smile:

Cheers,
Thomas

1 Like

I implemented personal info log levels (not in the keycloak):

  • original - no change, recommended value for development
  • md5 - value is logged as md5 hash, recommended value for prod issue debugging
  • hidden - string placeholder e.g. '-= retracted =-’ is logged, default value, recommended value for prod env

It is working for: user id/name/surname/uuid/sub/email/ip.

userId=bf%9ab - if you have a few users, then user still can be identified.

It is good idea to replace last octet with 0 in the IPv4 (maybe more octets for IPv6) - then IP can still be used for geolocation (but with slightly reduced accuracy).

1 Like