Skip to main content
All CollectionsSecurity & ComplianceFlusk
How do I fix the Public Sensitive Parameter in API Call issue flagged by Flusk?
How do I fix the Public Sensitive Parameter in API Call issue flagged by Flusk?
Updated this week

This issue is fired when a public parameter is defined as potentially sensitive.

As the sensitivity is defined by our prediction model, it may sometimes deliver inaccurate results. If you think this parameter is not sensitive, you can ignore this issue.

A sensitive parameter can be an API key, a private unique ID, an endpoint, or anything you don't want to be public.

Solution

In order to fix this issue, you have to define this parameter as "Private" in the API Connector.

If this parameter has to be dynamic (defined by the user in the front end), you should initialize your API call with a non-sensitive value.

What if my parameter needs to be dynamic?

If you parameter needs to be dynamic, then it's going to be a little bit different for you.

For a parameter to be dynamic, you have to uncheck the "Private" checkbox and therefore, the value will be exposed to the world.

In this case, the only thing you need to do is to clear the initialization value from your API Call (no need to re-initialize the API Call).

Did this answer your question?