SessionStack provides you with features that give you full control over what type of data you want us to process and store.

Sensitive Data

The most important security consideration that you have full control over is the choice of what data to collect by SessionStack. This is how you can exclude different types of data from being monitored:

  • DOM/UI data
  • Exceptions
  • Network
  • Browser console

This can be configured directly by going in the "Settings" in your project and then navigating to the "Data Collection" tab.
Not only will excluded data not be replayed but it will never leave the browsers of your users. SessionStack's servers never receive excluded data.
All passwords fields, by default, are completely ignored by SessionStack.


All access to SessionStack REST API endpoints requires an access token that can be generated on demand by customers.