Also redact id token from now on

AzureAD · May 19, 2021 · a5a6b90 · a5a6b90
1 parent 0c15c75
commit a5a6b90
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/msal/token_cache.py b/msal/token_cache.py
@@ -113,7 +113,7 @@ def wipe(dictionary, sensitive_fields):  # Masks sensitive info
             return self.__add(event, now=now)
         finally:
             wipe(event.get("response", {}), (  # These claims were useful during __add()
-                "access_token", "refresh_token", "username"))
+                "access_token", "refresh_token", "id_token", "username"))
             wipe(event, ["username"])  # Needed for federated ROPC
             logger.debug("event=%s", json.dumps(
             # We examined and concluded that this log won't have Log Injection risk,