Debugging Design Automation (DA) workflows, especially for Revit, is crucial for developers but can expose sensitive data like URLs and credentials in report.log. To enhance security during this process, we've introduced the adskMask feature.
What is adskMask?
The adskMask flag, when set to true in your WorkItem (WI) payload, masks all URLs and credentials in the debug logs (report.log). This feature complements the existing adskDebug argument by ensuring sensitive information is obfuscated during debugging.
Example Usage
Here's how to use adskMask in your WI JSON payload:
{
"activityId": "AutoCAD.RefgetTests+Latest",
"arguments": {
"input": {
"url": "https://developer.api.autodesk.com/data/v1/projects/yyyy",
"headers": {
"Authorization": "Bearer xxx"
}
},
"result": {
"verb": "put",
"url": "das://intermediate/result.txt"
},
"adskDebug": {
"uploadJobFolder": true
},
"adskMask": true
},
"LimitProcessingTimeSec": 600
}
With adskMask enabled, all input and output URLs, along with headers containing credentials, will be masked in the debug log.
Why Use adskMask?
This feature is a straightforward enhancement to secure your development process by masking potentially sensitive information during job debugging. It was initially used internally at Autodesk and, given its utility, has been made available for all developers working with Design Automation APIs.
Implementation
To use adskMask, include it in your WI (Work Item) payload as illustrated. This is applicable for any Design Automation engine, not just Revit.
This introduction of adskMask is part of Autodesk's commitment to improving developer tools and ensuring the security of your workflows.
Twitter: @micbeale