
Log successful login but do not log user's email or user name

Open Khayet opened this issue 2 months ago • 2 comments

Preflight Checklist

  • [x] I agree to follow the Code of Conduct that this project adheres to.
  • [x] I have searched the issue tracker for an issue that matches the one I want to file, without success.

Problem Description

Hi,

Currently Dex emits a log message like this when a user has successfully logged in:

2025-10-22 12:05:46.948infotime=2025-10-22T10:05:46.947Z level=INFO msg="login successful" connector_id=auth0 username=<REDACTED>@<EMAIL_DOMAIN> preferred_username="" email=<REDACTED>@<EMAIL_DOMAIN> groups=[] request_id=286518e2-8135-4e47-8692-6638bda91282

Logging successful logins is good but we don't need the username and email. A pseudonymous user id would be good enough for our purposes.

Proposed Solution

Add a configuration option to disable logging of the email address and username, and log the user id instead.

Alternatives Considered

  • We could increase the log level, so that INFO level logs are no longer emitted. This would throw away a lot of useful information, however, and make it very cumbersome to operate the system.

  • We could somehow filter the logs, but 1. the logs would still be emitted by Dex, and 2. it would increase complexity.

Additional Information

No response

Khayet · Oct 22 '25 10:10

The feature seems ok to me, but we need help with the implementation. There are several places that log sensitive data, so we need to revise them and cover them all with some masking.

nabokihms · Nov 03 '25 09:11

The setting could be under the log section:

# logger:
#   level: "debug"
#   format: "text" # can also be "json"
#   includeSensitiveClaims: [] # ["email", "name"] by default

nabokihms · Nov 03 '25 09:11
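One way the proposed includeSensitiveClaims option could be realised, as an added example that is not Dex's own code: a log/slog ReplaceAttr hook that redacts the username, email and preferred_username attributes unless they are allowlisted, plus a salted hash as the pseudonymous user id. The per-deployment salt, the user_id attribute and the function names are assumptions; the attribute names come from the log line quoted in the issue.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"log/slog"
	"slices"
)

// Attributes the current "login successful" record carries in the clear.
var sensitiveClaims = []string{"username", "email", "preferred_username"}

// pseudonymousID derives a stable, non-reversible identifier so logins can be
// correlated without recording the identity. The salt is an assumed setting.
func pseudonymousID(salt, userID string) string {
	sum := sha256.Sum256([]byte(salt + ":" + userID))
	return hex.EncodeToString(sum[:8])
}

// redactAttr is a slog ReplaceAttr hook: sensitive claims are replaced with
// "<redacted>" unless explicitly allowlisted via includeSensitiveClaims.
func redactAttr(includeSensitiveClaims []string) func([]string, slog.Attr) slog.Attr {
	return func(_ []string, a slog.Attr) slog.Attr {
		if slices.Contains(sensitiveClaims, a.Key) && !slices.Contains(includeSensitiveClaims, a.Key) {
			return slog.String(a.Key, "<redacted>")
		}
		return a
	}
}

// loginLine renders the login record with the policy applied and returns it.
func loginLine(includeSensitiveClaims []string, userID, username, email string) string {
	var buf bytes.Buffer
	logger := slog.New(slog.NewTextHandler(&buf, &slog.HandlerOptions{
		ReplaceAttr: redactAttr(includeSensitiveClaims),
	}))
	logger.Info("login successful",
		"connector_id", "auth0",
		"user_id", pseudonymousID("deployment-salt", userID),
		"username", username,
		"email", email)
	return buf.String()
}

func main() {
	// Constructed sample identity: default policy, then email allowlisted.
	fmt.Print(loginLine(nil, "auth0|12345", "alice@example.com", "alice@example.com"))
	fmt.Print(loginLine([]string{"email"}, "auth0|12345", "alice@example.com", "alice@example.com"))
}
```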