Hello all, looking for some clarification of a problem that my team has run into this past week regarding a Resource we have configured to our REST API that we pass in the secrets in the URL parameters.
Currently if you would go look at the request body of one of these calls, you would see the –sanitized– key words at the beginning, but the values would still be visible, meaning you would see the keys we are passing.
Have we just gotten the pattern in correct? In the docs, I did notice this
Retool sanitizes any headers with keys that contain authorization, key, or password.
Is this not true for URL parameters? or do we have to use Headers instead?
