Credit Card details visible in execution log

Domenico_Rutilgliano · March 7, 2023, 2:44am

Describe the issue/error/question

I am having concerns about the execution log storaging in clear customers credit card information when creating a card_token using stripe

What is the error message (if any)?

I would like to have the workflow execution saved but avoid to log certain fields

Please share the workflow

(Select the nodes and use the keyboard shortcuts CMD+C/CTRL+C and CMD+V/CTRL+V to copy and paste the workflow respectively)

Share the output returned by the last node

Information on your n8n setup

n8n version: 0.217.2
Database you’re using (default: SQLite): SQLite
Running n8n with the execution process [own(default), main]: DEFAULT
Running n8n via [Docker, npm, n8n.cloud, desktop app]: DOCKER COMPOSE

Jon · March 7, 2023, 8:11am

Hey @Domenico_Rutilgliano,

The execution logging will log whatever is happening in the workflow so if you were sending a credit card number it will be in the log.

This is of course not ideal and also a PCI issue so for now as well as making sure only certain users have access to your workflows that deal with credit card numbers I would recommend not logging those workflows.

You could also run a second instance of n8n that only handles that data so there is less risk.