Quick question about the current behavior of audit logs for BYOC trunks in the ap-southeast-1 region. We are conducting a PCI-DSS compliance review and have identified that the GET /api/v2/architect/flows and related trunk configuration audit endpoints are stripping SIP registration credentials from the change history events. While this masking is expected for security, it is causing issues with our automated compliance reporting tools which expect a consistent schema structure.
Specifically, when a trunk update occurs, the sip_username and sip_password fields are completely omitted from the JSON response rather than being replaced with a masked value like ****. This breaks our JSON parsing logic in the analytics pipeline. According to the Genesys Docs, the API should return the full configuration for authorized admin roles, but this seems to contradict the security masking behavior observed in the logs.
Is there a specific header or query parameter required to retrieve the masked values instead of empty fields? Or is this a known limitation in the ap-southeast-1 region that requires a workaround for compliance auditing purposes? We need to ensure we can track configuration changes without exposing sensitive credentials in plain text, but also maintain data integrity for our reporting scripts.