Individual case fields can now be marked as sensitive, hiding their values from users without the sensitive permission when enabled. See the documentation for more details.

Create a role with the "view sensitive information" permission 

Set a new or existing case field to sensitive 

Field value is redacted when user does not have permission 

Helpful details: 

• Sensitive case field values are hidden in the Cases UI and Cases API unless the user has the appropriate permission.

• A sensitive case field can be changed back to non-sensitive. When this happens, its value can can be viewed by all cases users.

• Cases search only includes sensitive fields if the user has the appropriate permission.

• PDF and CSV exports will show sensitive case field values if the requesting user has the appropriate permission.

• Webhooks and case actions include the sensitive value, even if the triggering user doesn't have the permission.

• Sensitive fields appear as clear text values in dashboards regardless of the viewer's permission.