# Redaction Catalog

This document catalogs the redaction rules applied to notification payloads.

## Overview

The redaction catalog ensures that sensitive information is not exposed in notifications.

## Redaction Rules

### Personal Identifiable Information (PII)
- Email addresses are partially redacted
- IP addresses are anonymized
- User names are replaced with user IDs

### Credentials
- API keys are fully redacted
- Passwords are never included
- Tokens are truncated to first/last 4 characters

### Internal Data
- Internal URLs are replaced with public equivalents
- Database IDs are not exposed
- Stack traces are summarized

## Configuration

Redaction rules can be customized per tenant and notification channel.