Security & Privacy

Auto-redaction

Every event is redacted inside your process before it is sent. Redaction is not optional and cannot be disabled.

Redacted fields

Any header or body field matching these keys (case-insensitive) is replaced with [REDACTED]:

password, secret, token, authorization, api_key, x-api-key, apikey, x-auth-token, x-access-token, bearer, private_key, private-key, secret_key, secret-key

Email masking

Fields named email, email_address, or emailaddress are partially masked: [email protected] becomes ja***@example.com.

Redaction is recursive, so nested objects and arrays are all checked.

HMAC-SHA256 signing

Each batch is JSON-serialized → gzip-compressed → signed with HMAC-SHA256 using your secret key. The signature goes in the X-Signature header. The Guard rejects mismatched signatures.
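
The pipeline above with both sides shown, as an added Python example (not the SDK's or the Guard's own code). It takes the stated order to mean the HMAC covers the compressed bytes and assumes a hex-encoded signature, which the page does not specify; the function names, the size limit and the sample key are hypothetical.

```python
import gzip
import hashlib
import hmac
import io
import json

SIGNATURE_HEADER = "X-Signature"  # header name given on this page


def sign_batch(events, secret_key: bytes):
    """Sender: JSON-serialize, gzip, then HMAC the compressed bytes."""
    raw = json.dumps(events, separators=(",", ":")).encode("utf-8")
    body = gzip.compress(raw, mtime=0)  # fixed mtime keeps output reproducible
    # Assumption: hex digest; the page does not state the encoding.
    signature = hmac.new(secret_key, body, hashlib.sha256).hexdigest()
    return body, {SIGNATURE_HEADER: signature}


def verify_batch(body: bytes, headers: dict, secret_key: bytes,
                 max_size: int = 1_000_000):
    """Receiver: authenticate the raw body first, then decompress and parse."""
    received = headers.get(SIGNATURE_HEADER, "")
    expected = hmac.new(secret_key, body, hashlib.sha256).hexdigest()
    # Constant-time comparison; bytes inputs also tolerate non-ASCII headers.
    if not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("signature mismatch")
    # Hypothetical size limit: cap decompression even for authentic batches.
    with gzip.GzipFile(fileobj=io.BytesIO(body)) as fh:
        raw = fh.read(max_size + 1)
    if len(raw) > max_size:
        raise ValueError("decompressed batch too large")
    return json.loads(raw)


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample secret
    batch = [{"method": "GET", "path": "/health", "status": 200}]  # constructed
    body, headers = sign_batch(batch, key)
    print(verify_batch(body, headers, key) == batch)
    try:
        verify_batch(body + b"\x00", headers, key)
    except ValueError as err:
        print("rejected:", err)
```

Verifying the signature over the bytes as received, before any decompression or JSON parsing, means unauthenticated input never reaches the gzip or JSON parsers.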

Client IP extraction

Priority order:

  1. CF-Connecting-IP
  2. X-Vercel-Forwarded-For
  3. X-Forwarded-For (first IP)
  4. X-Real-IP
  5. X-Cluster-Client-IP
  6. Fastly-Client-IP
  7. Forwarded (RFC 7239, for= directive)
  8. TCP peer address (fallback)