From c4c653f4e4ba9571e24ab14835f10775d71a7275 Mon Sep 17 00:00:00 2001
From: Kelly Song <kellysong@microsoft.com>
Date: Wed, 22 Jan 2025 14:16:10 -0800
Subject: [PATCH] mark keysAttempted as non PII

---
 src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs
index 02eb40bce4..518b37353f 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs
@@ -367,7 +367,7 @@ private static ValidationError GetDecryptionError(
                 return new ValidationError(
                     new MessageDetail(
                         TokenLogMessages.IDX10603,
-                        keysAttempted.ToString(),
+                        LogHelper.MarkAsNonPII(keysAttempted.ToString()),
                         exceptionStrings?.ToString() ?? string.Empty,
                         LogHelper.MarkAsSecurityArtifact(decryptionParameters.EncodedToken, SafeLogJwtToken)),
                     ValidationFailureType.TokenDecryptionFailed,