@bearer/node-agent

Bearer Node Agent

Usage no npm install needed!

<script type="module">
  import bearerNodeAgent from 'https://cdn.skypack.dev/@bearer/node-agent';
</script>

README

@bearer/node-agent

Build Status npm

Installation

From a terminal, install the Bearer agent module and save it into your project:

npm install --save @bearer/node-agent
# or
yarn add @bearer/node-agent

Now, open your application main script (e.g. index.js or main.js) and initialize the Bearer agent at the top:

const Bearer = require('@bearer/node-agent')

await Bearer.init({ secretKey: 'YOUR_BEARER_SECRET_KEY' })

http.request(...)

Your Secret Key is available on the Bearer dashboard

The init function returns a promise which you can use to ensure Bearer is fully loaded before performing any HTTP requests.

Note: We strongly recommend to initialize the Bearer agent as early as possible. This ensures that all external HTTP requests performed from your application are monitored.

Now, you can start your application (e.g. node index.js). All API calls will be monitored and available on your Bearer dashboard.

For detailed configuration options check the Agent's configuration page.

Keeping your data protected

We recommend you sanitize your data before sending it to the Bearer dashboard. We think it's best to setup the sanitization level that best suits your needs. An example using the default values is as follows:

Bearer.init({
  stripSensitiveData: true,
  stripSensitiveKeys: /^authorization$|^client.id$|^access.token$|^client.secret$/i,
  stripSensitiveRegex: /[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:.[a-zA-Z0-9-]+)*/,
})

Configuration options explained

  • stripSensitiveData - Globally enable/disable data sanitization. It's enabled by default. If you set it to false no sanitization will take place, and all the data will be sent to the Bearer dashboard as-is.

  • stripsSensitiveKeys - List of key names regex patterns that will be applied to sanitize values in headers, query parameters or response body. If you specify "stripSensitiveKeys": "^authorizationquot; the following sanitization actions would take place:

    • In headers: "authorization" header value will be sanitized and would be sent to the Bearer dashboard as "authorization: [FILTERED]"
    • In query string parameters: "authorization" query parameter value will be sanitized, and in the Bearer dashboard your URL will look like: "http://www.example.com/auth?authorizaiton=[FILTERED]"
    • In application/json response body: Any value of "authorization" key in response payload will be replaced with "[FILTERED]" (e.g., { "name": "John", "authorization": "granted" } will be sent to the Bearer dashboard as { "name": "John", "authorization": "[FILTERED]" }

  • stripSensitiveRegex - A regular expression that will be used to sanitize any value in headers, query string parameters or response body. Bearer will check all the values sent in the request or response and will replace matching patterns with "[FILTERED]".

Development

Release a new version

Bump version

npm version path|minor|major

# push things
git push
git push --tags

Debugging

@bearer/node-agent uses debug, so just run with environmental variable DEBUG set to bearer:agent:*.

$ DEBUG=bearer:agent:* node app.js