Configure PII scrubbing to automatically redact sensitive information from MCP responses before they’re logged or returned to clients.
Prerequisites
Understanding the 3-layer policy hierarchy
PII scrubbing follows the same 3-layer hierarchy as other Golf Gateway policies:
| Layer | Where Configured | Scope |
|---|---|---|
| Organization | Control Plane > Settings > Policies | All gateways & servers |
| Gateway | Control Plane > Gateway > Policies | All servers on this gateway |
| Server | Control Plane > Server > Policies | Single MCP server |
Policy Merge Rules (Union):
- Sensitive fields: Combined from ALL layers (union)
- Custom rules: Combined from ALL layers (union)
- Custom entities: Combined from ALL layers (union)
- Enabled flag: True if ANY layer enables scrubbing
Set organization-wide defaults for common PII types, then add server-specific rules for domain-specific data.
Enable PII scrubbing
Organization defaults:
- Go to Settings > Policies
- Find the PII Protection section
- Enable PII Scrubbing
- Configure default sensitive field names
- Click Save
Gateway overrides:
- Go to Gateways > select a gateway > Policies
- Find the PII Protection section
- Add gateway-specific sensitive fields
- Click Save
Server-level configuration:
- Go to MCP Servers > select a server
- Open the Policies tab > PII
- Enable PII Protection
- Add custom sensitive field names
- Click Save
Gateway-level defaults (applies to all servers):

```yaml
gateway_policy:
  scrubbing:
    enabled: true
    sensitive_fields:
      - password
      - api_key
      - secret
```
Server-level configuration:

```yaml
servers:
  - name: my-server
    url: http://localhost:3001
    security:
      enabled: true
      sensitive_fields:
        - api_key
        - password
        - secret
```
Built-in PII detection
Presidio detects many entity types by default. Common examples include:
| Entity Type | Example |
|---|---|
| CREDIT_CARD | 4111-1111-1111-1111 |
| EMAIL_ADDRESS | [email protected] |
| PHONE_NUMBER | (415) 555-1234 |
| US_SSN | 123-45-6789 |
| IP_ADDRESS | 192.168.1.1 |
| US_BANK_NUMBER | 1234567890 |
| URL | https://example.com |
| IBAN_CODE | DE89370400440532013000 |
Additional supported types include PERSON, LOCATION, ORGANIZATION (via GLiNER), US_DRIVER_LICENSE, US_PASSPORT, JWT_TOKEN, and more.
Add custom scrubbing rules
For patterns not covered by built-in detection, add custom rules:
- Go to the appropriate level (Settings, Gateway, or Server > Policies)
- Find the PII Protection section
- Click Add Custom Rule
- Enter the regex pattern and select the masking method
- Click Save
Add custom rules to the server's security configuration:

```yaml
servers:
  - name: my-server
    url: http://localhost:3001
    security:
      enabled: true
      custom_rules:
        - pattern: "LINEAR-[A-Z]+-[0-9]+" # Linear issue IDs
          method: mask
        - pattern: "sk-[a-zA-Z0-9]+" # API keys
          method: hash
```
Masking methods:
| Method | Behavior | Example |
|---|---|---|
| mask | Replace with [REDACTED] | sk-abc123 → [REDACTED] |
| hash | Replace with SHA256 hash (first 16 chars) | sk-abc123 → a1b2c3d4e5f6g7h8 |
| remove | Remove the value entirely | sk-abc123 → "" |
| replace | Replace with custom text | sk-abc123 → [API_KEY] |
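To make the union merge rules and the four masking methods concrete, here is an added Python example (not Golf Gateway's own code). It assumes the custom text for a `replace` rule sits under a `replacement` key and that values matched by field name are replaced with `[MASKED]`; both are assumptions, not documented configuration.

```python
import hashlib
import re
# Added illustration of the page's policy semantics, not Golf Gateway's own code. Assumed:
# custom text for "replace" is under a "replacement" key; name-matched fields become "[MASKED]".

def merge_layers(*layers):
    """Union merge: fields and rules combine; scrubbing is on if ANY layer enables it."""
    merged = {"enabled": False, "sensitive_fields": [], "custom_rules": []}
    for layer in layers:
        merged["enabled"] = merged["enabled"] or layer.get("enabled", False)
        for key in ("sensitive_fields", "custom_rules"):
            for item in layer.get(key, []):
                if item not in merged[key]:
                    merged[key].append(item)
    return merged

def apply_method(value, rule):
    # The four masking methods from the table above
    method = rule["method"]
    if method == "mask":
        return "[REDACTED]"
    if method == "hash":
        return hashlib.sha256(value.encode()).hexdigest()[:16]
    if method == "remove":
        return ""
    if method == "replace":
        return rule["replacement"]
    raise ValueError(f"unknown masking method: {method}")

def scrub_text(text, policy):
    # Custom rules use Python regex syntax, as the troubleshooting note says
    for rule in policy["custom_rules"]:
        text = re.sub(rule["pattern"], lambda m, r=rule: apply_method(m.group(0), r), text)
    return text

def scrub(obj, policy):
    """Redact by field name first, then by regex, recursing into nested data."""
    if not policy["enabled"]:
        return obj
    if isinstance(obj, dict):
        return {k: "[MASKED]" if k in policy["sensitive_fields"] else scrub(v, policy) for k, v in obj.items()}
    if isinstance(obj, list):
        return [scrub(v, policy) for v in obj]
    return scrub_text(obj, policy) if isinstance(obj, str) else obj

# Constructed sample: org layer sets common fields, server layer adds the page's custom rules.
ORG = {"enabled": True, "sensitive_fields": ["password", "api_key"]}
SERVER = {"custom_rules": [{"pattern": r"LINEAR-[A-Z]+-[0-9]+", "method": "mask"},
                           {"pattern": r"sk-[a-zA-Z0-9]+", "method": "hash"},
                           {"pattern": r"Bearer [a-zA-Z0-9\-_]+", "method": "replace", "replacement": "[API_KEY]"}]}
POLICY = merge_layers(ORG, SERVER)
```

Calling `scrub({"api_key": "sk-live-0001", "note": "see LINEAR-ENG-42, auth: Bearer abc_DEF-9"}, POLICY)` masks the field by name and rewrites the note to `see [REDACTED], auth: [API_KEY]`.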
Different servers can have different scrubbing settings. Configure each server individually through MCP Servers > server > Policies > PII:

```yaml
servers:
  # Internal tools - minimal scrubbing
  - name: internal-tools
    url: http://localhost:3001
    security:
      enabled: true
      sensitive_fields: [password]
  # External API - comprehensive scrubbing
  - name: external-api
    url: http://localhost:3002
    security:
      enabled: true
      sensitive_fields: [api_key, bearer_token, secret, password]
      custom_rules:
        - pattern: "Bearer [a-zA-Z0-9\\-_]+"
          method: mask
```
Verify scrubbing is active
- In Admin Portal, go to Logs
- Select a session and find a request containing PII
- In the security pipeline, look for the PII Scrubbed step
- Verify sensitive data shows entity-specific placeholders like [EMAIL], [SSN], or [MASKED]
Fields never scrubbed
These fields are preserved for audit purposes:
- `connection_id`, `session_id`, `correlation_id`
- `timestamp`, `event_type`, `method`
- `user.email`, `user.sub` (for compliance)
Troubleshooting
- PII not being detected: Verify scrubbing is enabled at all policy levels (org, gateway, server)
- Custom pattern not matching: Test your regex pattern - Golf Gateway uses Python regex syntax
- Too much data being scrubbed: Check if multiple layers are adding overlapping rules