Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Dicussions page.
class Duende.IdentityServer.Configuration.LoggingOptions
Assembly: Duende.IdentityServer
Inheritance: object → LoggingOptions
Settings for filtering sensitive parameter values from logs and suppressing noisy unhandled exceptions.
Fields and Constants
UnhandledExceptionLoggingFilter
Gets or sets a predicate invoked when the IdentityServer middleware detects an unhandled exception,
used to decide whether the exception should be logged. Return <c>true</c> to emit the
log entry, or <c>false</c> to suppress it.
Remarks By default, <see cref="T:System.OperationCanceledException" /> instances are suppressed when the
request's <c>CancellationToken</c> has been cancelled, because these exceptions are an
expected consequence of HTTP request cancellation and would otherwise create unnecessary
log noise.
Properties
public
System.Collections.Generic.ICollection<string>
BackchannelAuthenticationRequestSensitiveValuesFilter
Gets or sets the parameter names whose values are redacted from backchannel authentication (CIBA) request
log entries.
Remarks Defaults to <c>client_secret</c> , <c>client_assertion</c> , <c>id_token_hint</c> , and
<c>request</c> . Clearing or replacing this collection may expose sensitive values in logs.
public
System.Collections.Generic.ICollection<string>
TokenRequestSensitiveValuesFilter
Gets or sets the parameter names whose values are redacted from token endpoint request log entries.
Remarks Defaults to <c>client_secret</c> , <c>password</c> , <c>client_assertion</c> ,
<c>refresh_token</c> , <c>device_code</c> , <c>code</c> , and <c>subject_token</c> .
Clearing or replacing this collection may expose sensitive values in logs.
public
System.Collections.Generic.ICollection<string>
AuthorizeRequestSensitiveValuesFilter
Gets or sets the parameter names whose values are redacted from authorize endpoint request log entries.
Remarks Defaults to <c>client_secret</c> , <c>client_assertion</c> , <c>id_token_hint</c> , and
<c>request</c> . Because authorization parameters pushed via PAR are eventually processed
by the authorize endpoint pipeline, this filter should typically be kept in sync with
<see cref="P:Duende.IdentityServer.Configuration.LoggingOptions.PushedAuthorizationSensitiveValuesFilter" /> . Clearing or replacing this
collection may expose sensitive values in logs.
public
System.Collections.Generic.ICollection<string>
PushedAuthorizationSensitiveValuesFilter
Gets or sets the parameter names whose values are redacted from Pushed Authorization Request (PAR)
endpoint log entries.
Remarks Defaults to <c>client_secret</c> , <c>client_assertion</c> , <c>id_token_hint</c> , and
<c>request</c> . Because pushed authorization parameters are eventually processed by the
authorize endpoint pipeline, this filter should typically be kept in sync with
<see cref="P:Duende.IdentityServer.Configuration.LoggingOptions.AuthorizeRequestSensitiveValuesFilter" /> . Clearing or replacing this
collection may expose sensitive values in logs.
Methods
public
bool
Equals(object obj)
Inherited from object
protected
void
Finalize()
Inherited from object
public
int
GetHashCode()
Inherited from object
protected
object
MemberwiseClone()
Inherited from object
public
string
ToString()
Inherited from object