PipeKitBeta
Platform

Privacy & Masking

Protect sensitive user data and ensure compliance with privacy regulations.

Privacy by Default

PipeKit automatically masks common sensitive inputs like password fields and secure text entries. No configuration needed for basic privacy protection —maskSensitiveViews is enabled by default on both iOS and Android.

Automatic Masking

These elements are automatically masked (replaced with ●●●●) in recordings:

UITextField

with isSecureTextEntry = true

Password fields

Any field with textContentType = .password

Credit card inputs

Fields with textContentType = .creditCardNumber

One-time codes

Fields with textContentType = .oneTimeCode

Manual Masking

Mark additional views as sensitive to mask them in recordings:

On UIKit, call markAsSensitive() on anyUIView. In SwiftUI, apply the.sensitiveContent() modifier.

MaskViews.swift
import UIKit
import SwiftUI
import PipeKit


// UIKit — mask a specific view
let sensitiveView = UIView()
sensitiveView.markAsSensitive()


// UIKit — mask a label showing private data
mySecretLabel.markAsSensitive()


// SwiftUI — mask with the .sensitiveContent() modifier
struct ProfileView: View {
    let user: User
    var body: some View {
        VStack {
            SecureField("Password", text: $password)
                .sensitiveContent()


            Text(user.ssn)
                .sensitiveContent()  // This text will be masked
        }
    }
}

Mask by Class

Auto-mask every instance of a view class by listing its class name in autoMaskViewClasses on the SessionReplayConfig you pass at configure time:

MaskByClass.swift
import PipeKit


var video = SessionReplayConfig()
video.maskSensitiveViews = true
// Class names to auto-mask (useful for custom and third-party views)
video.autoMaskViewClasses = [
    "CreditCardView",
    "BankAccountView",
    "StripeCardFormView",
]


PipeKit.configure(
    apiKey: "pk_live_xxxxxxxxxxxxxxxx",
    config: PipeKitConfig(videoConfig: video)
)

Network Request Filtering

Configure network redaction through SessionLoggerConfig. Use excludedURLPatterns (regex) to skip capturing specific endpoints entirely, and redactedHeaders to strip sensitive headers. The defaults for redactedHeaders already include authorization, cookie, and x-api-key. Request and response bodies are captured up to maxBodySize — lower it (or exclude the URL) when a body may contain sensitive data.

NetworkRedaction.swift
import PipeKit


var logs = SessionLoggerConfig()


// Don't capture requests to certain URLs (regex patterns)
logs.excludedURLPatterns = [
    ".*/api/auth/.*",
    ".*stripe.com.*",
]


// Redact additional sensitive headers
// (authorization, cookie, x-api-key are redacted by default)
logs.redactedHeaders.insert("x-session-token")


// Cap how much of each body is captured
logs.maxBodySize = 4096


PipeKit.configure(
    apiKey: "pk_live_xxxxxxxxxxxxxxxx",
    config: PipeKitConfig(logConfig: logs)
)

Log Filtering

Control how much console output is captured with minimumLogLevel on SessionLoggerConfig. Raising the threshold (for example to .warning) prevents verbose debug logs — which may contain user data — from being recorded. To keep sensitive values out of logs entirely, avoid logging them; PipeKit captures the messages your app emits as-is.

LogLevel.swift
import PipeKit


var logs = SessionLoggerConfig()
// Only capture warnings and above
logs.minimumLogLevel = .warning


PipeKit.configure(
    apiKey: "pk_live_xxxxxxxxxxxxxxxx",
    config: PipeKitConfig(logConfig: logs)
)

Disable Recording for Screens

Stop the session entirely while a sensitive screen is on display, then start a new one once the user leaves. Check PipeKit.isRecording before resuming so you only restart if recording was active.

PaymentViewController.swift
import UIKit
import PipeKit


class PaymentViewController: UIViewController {
    override func viewWillAppear(_ animated: Bool) {
        super.viewWillAppear(animated)
        // Stop recording while this screen is visible
        PipeKit.stopSession()
    }


    override func viewWillDisappear(_ animated: Bool) {
        super.viewWillDisappear(animated)
        // Resume recording after leaving the screen
        PipeKit.startSession()
    }
}

GDPR & Compliance

User Consent

For GDPR compliance, get user consent before recording:

Consent.swift
import UIKit
import PipeKit


// Check consent before starting
if UserDefaults.standard.bool(forKey: "userConsentedToRecording") {
    PipeKit.startSession()
}


// Show consent dialog
func showRecordingConsentDialog() {
    let alert = UIAlertController(
        title: "Help us improve",
        message: "Allow us to record your session to improve the app?",
        preferredStyle: .alert
    )
    alert.addAction(UIAlertAction(title: "Allow", style: .default) { _ in
        UserDefaults.standard.set(true, forKey: "userConsentedToRecording")
        PipeKit.startSession()
    })
    alert.addAction(UIAlertAction(title: "Deny", style: .cancel))
    present(alert, animated: true)
}

Data Retention

Sessions are automatically deleted after your plan's retention period (7-90 days). Users can request data deletion through your app, and you can delete specific sessions via the dashboard or API.

Next: API Reference

Explore all available SDK methods and integration options.

Continue to API Reference →