Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Write-Error contains bearer access token and is written in the console log #74

Open
milapointe opened this issue Jun 18, 2024 · 2 comments
Open

Write-Error contains bearer access token and is written in the console log #74

milapointe opened this issue Jun 18, 2024 · 2 comments

Comments

@milapointe
Copy link

Using EntraExporter and not having sufficient rights, it give an error. This error is not handled by the module and passed through the console log and we can clearly see the bearer access token (stripped from this capture)

image

Any way to hive this part of the request? I don't mind having the error but having the access token all over in the logs....even if it's valid only for 1 hour and having limited access, I prefer not having it :)

Thanks !
@ptmetcalf
Copy link

The skiptoken field wouldn't be an access token, it's just used for pagination in the Graph API to handle large datasets. If you wanted to redact that or something from the output you could always wrap the command in a try/catch and use regex to redact any output that you don't want to see.

@milapointe
Copy link
Author

See below, I mask the authorization header bearer... its weird on dark mode browser 😅

Plus, I run this inside an azure function so maybe its more verbose than usually.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ptmetcalf @milapointe