--- title: Using connectors securely description: While Ping Identity provides many proprietary integrations for PingOne DaVinci, some connectors work with third-party services. You should review the security best practices documentation for those services. component: davinci page_id: davinci:connectors:davinci_using_connectors_securely canonical_url: http://docs.pingidentity.com/davinci/connectors/davinci_using_connectors_securely.html revdate: September 29, 2023 section_ids: changing-the-logging-level: Changing the logging level about-this-task: About this task steps: Steps result: Result marking-output-fields-as-secure: Marking output fields as secure about-this-task-2: About this task steps-2: Steps result-2: Result --- # Using connectors securely While Ping Identity provides many proprietary integrations for PingOne DaVinci, some connectors work with third-party services. You should review the security best practices documentation for those services. Some general security best practices to consider when using third-party connectors in your DaVinci flow are: * When passing any secrets, keys, or passwords as output variables through the HTTP connector, mark them as `Secure` in the connector configuration. * The account with the third-party service or on-premise resource should follow the principle of least privilege and only be granted the permissions necessary to perform the actions required by the connector. * Whenever using custom JavaScript, HTML, or CSS in a DaVinci connector, you should follow general secure coding guidelines to avoid the introduction of any security vulnerabilities, privacy violations, or other unintended behavior. ## Changing the logging level Some connectors can process a user's personally identifiable information (PII) such as name, address, email, and birthdate. To prevent inadvertent logging of any sensitive user data, you should not enable debug logging in any production-level flows that use connectors that can process PII. ### About this task To view and change the logging level for your DaVinci flow: ### Steps 1. Click the **More Options ( [icon: ellipsis-v, set=fa])** icon and select **Flow Settings**. 2. On the **Logging** tab, view the **Log Level** list. 3. If the current selection is **Debug**, select **Info**. 4. Click **Save**. ## Result You can now see if your flow is in Debug mode and disable debug logging. Learn more in [Debugging and analytics](../davinci_best_practices/davinci_best_practices_debugging_and_analytics.html). ## Marking output fields as secure You should mark output fields secure when adding custom output fields for a connector such as the HTTP connector. ### About this task To mark output fields as secure in the **Custom HTML Template** of the HTTP connector: ### Steps 1. Add an HTTP connector in DaVinci. 2. Complete the **Property Name** and **Display Name** fields. ![A GIF depicting a user entering the Property Name and Display name, then switching on the Secure toggle.](_images/zbk1694535064943.gif) 3. Click the **Secure** toggle and click **Apply**. ### Result The output field is now marked as secure, which acts as an additional safeguard against the logging of any sensitive PII.