Request to add new property to a type definition to mark a property as confidential

[jarrodek]

In an automated tool that process API specification and renders it somehow in a GUI I would like to be able to have additional information about the intended input field type for a property. For example a header value that is a string but it should force the processor to render this information in a password field (in case of an editor of some sort).

Practical use case is described here: mulesoft/api-console#349
The user should be able to enter private data in a password field in a request editor when consuming the API. Currently it is impossible to determine whether the field should be of a specific type.

I would suggest to create a property that describes a type property as PII or some other confidential. This would be beneficial for a number of reasons. It would allow API documentation tools to mark type properties as confidential (PII, medical or banking data) that should never be visible by default anywhere (api consumers, logs).

An example of such definition would be:

types:
  Patient:
    properties:
       name:
         type: string
         confidential: true

I am using confidential instead of PII by purpose because confidential information does not necessarily have to be a PII information.