Skip to main content
Skip table of contents

Sending a Test Payload

After enabling and configuring an External API from within Compliance for Confluence, you can send a test payload to your API to verify its response. If you have not yet configured your API, please refer to Using an External API for Data Detection.

To send a test payload:

  1. Click ⚙️ > Compliance Configuration.

  2. Navigate to the Detection page using the toolbar on the left and click the External API tab.

  3. Click the Test External API button at the bottom. This will open a dialog from which you can send a test request.

Open the test payload dialog by clicking “Test External API” from the External API Configuration page

The Dialog

The “Send a test payload” dialog

On the left side a test request is displayed that mimics those sent during a real Sensitive Data Scan.

The content field can be modified. For instance, input "my-secret-key" if it's known sensitive data your API should detect. This helps ensure your API will appropriately detect and respond during actual scans. During a real sensitive data scan the content field will contain the body of the page being scanned.

On the right side your API’s response is shown. For instance, if your API detects sensitive data, isDetected will be true and detectedText will list the detected items.

Here, “my-secret-key” is a piece of sensitive data that the API should detect

Running the Test

  1. Modify the content field as necessary.

  2. Click Send Test Payload to dispatch the request to your API.

  3. Observe your API’s response.

Understanding the Response

You can check the isDetected and detectedText fields of your API’s response to verify it successfully detected any sensitive data you entered in the content field of the request.

Similarly, you can verify that isDetected is false and the detectedText list is empty when no sensitive data was entered.

Sending a test payload also verifies if your API is responding in the expected format. If Compliance fails to parse the response from your API, it will display a warning message.

For example, forgetting to include a required field in your response, such as the status field, would look like:

Or, if your API does not return JSON:

Additionally, if the request to your API fails - for example due to a 401 or 404 error - then this will also be displayed:

If your API returns requests that evaluate to “Completed with problems” or “Failed” during a real sensitive data scan, then the page related to that response will fail to scan. As such, please ensure your API is consistently returning successful responses before running a scan.

Need support? We’re here to help 🧡

If you have any questions or would like to speak with us about Compliance, please don’t hesitate to reach out to our Customer Support team.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.