Address review comments

msm1992 · msm1992 · commit 737ba313a877 · 2026-01-16T14:07:08.000+05:30
diff --git a/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIAdminImpl.java b/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIAdminImpl.java
@@ -1747,20 +1747,24 @@ private void maskValues(KeyManagerConfigurationDTO keyManagerConfigurationDTO) {
             Map<String, Object> additionalProperties = keyManagerConfigurationDTO.getAdditionalProperties();
             List<ConfigurationDto> connectionConfigurations =
                     keyManagerConnectorConfiguration.getConnectionConfigurations();
-            for (ConfigurationDto connectionConfiguration : connectionConfigurations) {
-                if (connectionConfiguration.isMask()) {
-                    additionalProperties.replace(connectionConfiguration.getName(),
-                            APIConstants.DEFAULT_MODIFIED_ENDPOINT_PASSWORD);
+            if (connectionConfigurations != null && !connectionConfigurations.isEmpty()) {
+                for (ConfigurationDto connectionConfiguration : connectionConfigurations) {
+                    if (connectionConfiguration.isMask()) {
+                        additionalProperties.replace(connectionConfiguration.getName(),
+                                APIConstants.DEFAULT_MODIFIED_ENDPOINT_PASSWORD);
+                    }
                 }
             }
 
             // if authConfiguration array is not empty, check for maskable values there as well
             if (keyManagerConnectorConfiguration.getAuthConfigurations() != null
                     && !(keyManagerConnectorConfiguration.getAuthConfigurations().isEmpty())) {
                 List<ConfigurationDto> authConfigurations = keyManagerConnectorConfiguration.getAuthConfigurations();
-                // Recursively check nested objects in authConfigurations and apply masking
-                for (ConfigurationDto authConfiguration : authConfigurations) {
-                    applyMaskToNestedFields(authConfiguration.getValues(), additionalProperties);
+                if (authConfigurations != null && !authConfigurations.isEmpty()) {
+                    // Recursively check nested objects in authConfigurations and apply masking
+                    for (ConfigurationDto authConfiguration : authConfigurations) {
+                        applyMaskToNestedFields(authConfiguration.getValues(), additionalProperties);
+                    }
                 }
             }
         }
