Errors containing PII from search terms

[craigpastro]

Describe the feature request?

The error messages from the SDK wrap the API error, which sometimes contains PII from the search term. For example, from the users API, if I try to get a user from their email address, Get User will return something like

the API returned an error: Not found: Resource not found: EMAIL (User)",

if that particular user is not found.

It also happens that if the context is cancelled somehow the entire endpoint is returned which again may contain a search term like an error. E.g.,

Get "https://accounts-api.brex.com/api/v1/users?search=profile.login+eq+EMAIL": context deadline exceeded

In both of these cases, the error message could be logged downstream which is not great. So, I suppose, what I would like is to either not have the search term returned in the error or an easy way to extract the essence of the error so I can convert to my own error. I guess I can convert the error to an *okta.Error and use the error code, but that wouldn't work in the second case above. At the moment I am matching on substrings which isn't ideal, but works.

Any better suggestions? Thanks!

New or Affected Resource(s)

All of them.

Provide a documentation link

No response

Additional Information?

No response

[github-actions]

This issue has been marked stale because there has been no activity within the last 14 days. To keep this issue active, remove the stale label.