Skip to main content
Your agent handles API keys, passwords, and tokens. You need telemetry to reach Apie without leaking secrets in event payloads.

Default redacted keys

The SDK redacts these keys by default: apiKey, api_key, password, token, secret, authorization, access_token, refresh_token, private_key, client_secret

Configure redaction

const apie = new Apie({
  agent: { key: "my-agent", name: "My Agent" },
  redactKeys: ["ssn", "credit_card"],
  redactDenyPatterns: ["/password/i", "/secret/i"],
  redactAllowPaths: ["metadata.safe_field"],
  maxEventPayloadBytes: 64_000,
});
SettingEffect
redactKeysAdditional keys to replace with [REDACTED]
redactDenyPatternsRegex patterns for key names to redact
redactAllowPathsDot-paths to never redact
maxEventPayloadBytesTruncate oversized payloads

Custom redaction function

redact: (event) => {
  const copy = { ...event };
  if (copy.payloadSummary?.email) {
    copy.payloadSummary = { ...copy.payloadSummary, email: "[REDACTED]" };
  }
  return copy;
},

MCP proxy redaction

In apie.mcp.json:
{
  "redactKeys": ["token", "password", "secret"]
}

Standalone redaction

import { redactEvent } from "@apie-sh/sdk";
const safe = redactEvent(event, { redactKeys: ["token"] });

Next steps

Reliable telemetry

Queue and shutdown.

Configuration reference

All config fields.