Automatic Data Redaction

Sensitive data is redacted before it leaves your browser

Every network request Brie captures goes through automatic redaction before it's stored. JWT tokens, API keys, authorization headers, credentials, and financial data are replaced with [REDACTED_BY_BRIE] — so your team gets the technical context without the security risk.

What gets redacted

Brie uses regex patterns and a keyword list of 50+ sensitive field names to detect and redact data. This includes JWT tokens (Bearer format), API keys with common prefixes (sk-, cla-, hf_, AWS/Azure/GCP/Stripe patterns), authorization and cookie headers, credential fields (password, secret, token, access_token, client_secret, oauth_token), and financial data like credit card numbers and SSNs.

Domain skip list

For local development and staging environments, you may want to see full request data without redaction. Add domains like localhost or staging.myapp.com to the domain skip list in extension settings. Non-production URLs are also skipped by default.

What is not captured

Brie skips binary content entirely (images, audio, video, PDFs, archives), response bodies larger than 1MB, and its own internal API calls. This keeps captures focused on the data developers actually need.

Ready to try automatic data redaction?

Install the Brie extension and start capturing bugs in seconds.

Get started free