# Data Sanitization

## Overview

The Zipy Flutter SDK includes powerful data sanitization features to protect sensitive information in your network requests and responses. You can configure what to sanitize, how deep to scrub nested objects, and which keys or headers to target.

## Default Behavior

1. Sanitizes both payloads and responses
2. Sanitizes up to 3 levels deep in nested objects
3. Scrubs the following sensitive keys

```
password, secret, passwd, api_key, apikey, access_token, auth, credentials, mysql_pwd,
stripetoken, cardnumber
```

4. Sanitizes the following headers

```
authorization, auth, auth-token
```

The scrubbing level determines how deep the sanitization process goes into nested objects.

<pre class="language-json"><code class="lang-json"><strong>{
</strong>  "user": {                    // Level 1
    "details": {               // Level 2
      "password": "secret123"  // Will be scrubbed
    },
    "preferences": {           // Level 2
      "settings": {            // Level 3
        "api_key": "xyz123"    // Won't be scrubbed
      }
    }
  }
}
</code></pre>

To modify scrubbing level or add your own keys contact us <support@zipy.ai>&#x20;

## How sanitization works

1. When a key matches one in the scrubbing list (case-insensitive), its value is replaced with "xxxx"
2. For headers in the sanitization list, their values are replaced with "xxxx"
3. Both request payloads and responses are sanitized if enabled

### Example

Original Request:

```json
{
  "user": {
    "name": "John",
    "password": "secret123",
    "payment": {
      "cardnumber": "4111-1111-1111-1111",
      "details": {
        "api_key": "xyz123"
      }
    }
  }
}
```

Sanitized Request:

```json
{
  "user": {
    "name": "John",
    "password": "xxxx",
    "payment": {
      "cardnumber": "xxxx",
      "details": {
        "api_key": "xxxx"
      }
    }
  }
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.zipy.ai/zipy-for-mobile/flutter-setup/data-sanitization.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.