promptflow icon indicating copy to clipboard operation
promptflow copied to clipboard
verified publisher icon microsoft

[Feature Request] Hiding Sensitive Inputs

Open jamesburns-rts opened this issue 1 year ago • 2 comments

I would like to be able to pass sensitive parameters into the flow in a way they are not included in logging or tracing. Is this already possible?

My setup and situation

  • We're developing a flow through the VSCode plugin and then deploying it to an Azure AI Studio endpoint.
  • We need to call an API on the user's behalf using a JWT retrieved through our UI
  • We're currently passing the JWT through a flow input, which means we cannot:
    • enable tracing since it would include the JWT for any tool that accepts it
    • enable INFO logging because it also logs the tool arguments
    • enable recording of model inputs through azure

Possible solutions

  • Allow marking inputs as secret or private and prevent logging from that
  • Allow access of the original HTTP request being made so I can access extra body parameters or headers

Alternatives I've considered

  • a crazy encryption scheme
  • making all API calls through the UI instead of in the flow and having the UI re-call the prompt flow endpoint

jamesburns-rts avatar Jun 13 '24 14:06 jamesburns-rts

It's rare and generally not recommentded to pass secrects as inputs in the request. Prompt flow does not have short-term plan to support this feature ask.

Please consider the workaround to encode the jwt first and decode inside the flow when you need to call the external API.

0mza987 avatar Jun 14 '24 07:06 0mza987

Is there no current temporary workaround that can be used for reading the header instead of passing sensitive data as an input? To my understanding promptflow is served as a Flask app so we should be able to read it?

sofyanajridi avatar Oct 22 '24 13:10 sofyanajridi