diff --git a/arches/app/views/api/auth.py b/arches/app/views/api/auth.py
index e01c8abb0c..84c113f1fa 100644
--- a/arches/app/views/api/auth.py
+++ b/arches/app/views/api/auth.py
@@ -4,7 +4,7 @@ from django.contrib.auth import authenticate, login, logout
 from django.utils.decorators import method_decorator
 from django.utils.translation import gettext as _
-from django.views.decorators.debug import sensitive_variables
+from django.views.decorators.debug import sensitive_variables, sensitive_post_parameters
 from django_ratelimit.decorators import ratelimit
 from arches.app.models.system_settings import settings
@@ -19,6 +19,7 @@ class Login(LoginView, APIBase):
 http_method_names = ["post"]
 @sensitive_variables()
+ @sensitive_post_parameters()
 @method_decorator(
 ratelimit(key="post:username", rate=settings.RATE_LIMIT, block=False)
 )
diff --git a/arches/app/views/auth.py b/arches/app/views/auth.py
index e29d0e2fe0..e693e75e2d 100644
--- a/arches/app/views/auth.py
+++ b/arches/app/views/auth.py
@@ -32,7 +32,7 @@ from django.utils.decorators import method_decorator
 from django.views.decorators.cache import never_cache
 from django.views.decorators.csrf import csrf_exempt
-from django.views.decorators.debug import sensitive_variables
+from django.views.decorators.debug import sensitive_post_parameters, sensitive_variables
 from django.utils.html import strip_tags
 from django.utils.translation import gettext as _
 from django.utils.http import urlencode
@@ -88,6 +88,7 @@ def get(self, request):
 )
 @sensitive_variables()
+ @sensitive_post_parameters()
 @method_decorator(
 ratelimit(
 key="post:username",
@@ -371,6 +372,7 @@ def get(self, request):
 return JSONResponse(messages)
 @sensitive_variables()
+ @sensitive_post_parameters()
 @method_decorator(ratelimit(key="user", rate=settings.RATE_LIMIT, block=False))
 def post(self, request):
 messages = {
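Review bot: In the `Login` hunk of `api/auth.py`, `@sensitive_post_parameters()` is stacked directly on the `post(self, request)` method rather than through `method_decorator`, so Django's wrapper is handed `self` as its `request` argument; that wrapper checks `isinstance(request, HttpRequest)` and raises `TypeError` ("If you are decorating a classmethod, make sure to use @method_decorator") on every call, which would turn this hardening into an outage of the API login endpoint. Apply it the way the ratelimit on the next line is applied: `@method_decorator(sensitive_post_parameters())`. `sensitive_variables()` carries no such check, which is why the existing decorator works unwrapped and should not be taken as a precedent. Since `Login` subclasses Django's `LoginView`, whose `dispatch` already applies `sensitive_post_parameters()` via `method_decorator`, the addition is presumably redundant unless `APIBase` or this class overrides `dispatch` — worth confirming. The `post` body itself lies outside the hunk.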
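Review bot: The `@@ -88` hunk of `views/auth.py` adds `@sensitive_post_parameters()` straight onto an instance method, where the decorator receives the view instance instead of an `HttpRequest` and raises `TypeError` at request time; the enclosing class starts outside the hunk (the header only shows a preceding `get`), but the `self, request` shape is fixed by the ratelimit already wrapped in `method_decorator` directly below. Use the same wrapping: `@method_decorator(sensitive_post_parameters())`. Keep `sensitive_variables()` outermost as it is now — Django documents that it must be applied first when decorators are stacked.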
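Review bot: The `@@ -371` hunk has the same problem as the others: `@sensitive_post_parameters()` wraps `post(self, request)` without `method_decorator`, so the first positional argument seen by Django's wrapper is `self` and the `HttpRequest` check fails with `TypeError` before the view runs. Change the added line to `@method_decorator(sensitive_post_parameters())`. Note also that this decorator only redacts POST data in Django's own error reports and debug pages (`SafeExceptionReporterFilter`); any application-level logging of `request.POST` elsewhere in `post` is unaffected, so it is not a substitute for keeping credentials out of log statements. `messages` and the rest of the method body continue outside the hunk.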
@@ -428,6 +430,7 @@ class PasswordResetConfirmView(auth_views.PasswordResetConfirmView):
 @method_decorator(csrf_exempt, name="dispatch")
 class UserProfileView(View):
 @sensitive_variables()
+ @sensitive_post_parameters()
 @method_decorator(ratelimit(key="post:username", rate=settings.RATE_LIMIT))
 def post(self, request):
 username = request.POST.get("username", None)
@@ -450,6 +453,7 @@ def post(self, request):
 @method_decorator(csrf_exempt, name="dispatch")
 class GetClientIdView(View):
 @sensitive_variables()
+ @sensitive_post_parameters()
 @method_decorator(ratelimit(key="post:username", rate=settings.RATE_LIMIT))
 def post(self, request):
 if settings.OAUTH_CLIENT_ID == "":
@@ -470,6 +474,7 @@ def post(self, request):
 @method_decorator(csrf_exempt, name="dispatch")
 class ServerSettingView(View):
 @sensitive_variables()
+ @sensitive_post_parameters()
 @method_decorator(ratelimit(key="post:username", rate=settings.RATE_LIMIT))
 def post(self, request):
 if settings.OAUTH_CLIENT_ID == "":
@@ -579,6 +584,7 @@ def post(self, request):
 @method_decorator(never_cache, name="dispatch")
 class TwoFactorAuthenticationLoginView(View):
 @sensitive_variables()
+ @sensitive_post_parameters()
 def post(self, request):
 username = request.POST.get("username", None)
 password = request.POST.get("password", None)
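Review bot: In `UserProfileView`, `@sensitive_post_parameters()` is applied directly to `post(self, request)`, so Django's wrapper gets `self` where it expects an `HttpRequest` and raises `TypeError` on every request to this `csrf_exempt` credential endpoint; the fix is `@method_decorator(sensitive_post_parameters())`, matching the `method_decorator`-wrapped ratelimit on the following line. Given the class already uses `@method_decorator(csrf_exempt, name="dispatch")`, an equally valid placement is a class-level `@method_decorator(sensitive_post_parameters(), name="dispatch")`, which is how Django's own `LoginView` does it. The body of `post` after the `username` lookup is outside the hunk.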
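Review bot: `GetClientIdView.post` receives the new `@sensitive_post_parameters()` without `method_decorator`, which for an instance method means the wrapper's `request` parameter is bound to `self` and Django raises `TypeError` ("sensitive_post_parameters didn't receive an HttpRequest object") instead of running the view. Replace the added line with `@method_decorator(sensitive_post_parameters())`. The hunk only shows the `OAUTH_CLIENT_ID` guard, but the `post:username` ratelimit key suggests credentials arrive in the POST body, so once wired correctly the redaction is the right call here; the rest of the method is outside the hunk.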
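Review bot: `ServerSettingView.post` has the identical defect: `@sensitive_post_parameters()` stacked directly on a `(self, request)` method fails Django's `isinstance(request, HttpRequest)` check and raises `TypeError` at call time. Use `@method_decorator(sensitive_post_parameters())` here as well, or hoist it to the class as `@method_decorator(sensitive_post_parameters(), name="dispatch")` next to the existing `csrf_exempt` one so all three OAuth-related views are handled uniformly. Only the leading `OAUTH_CLIENT_ID` check of the method is visible in the hunk.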
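Review bot: `TwoFactorAuthenticationLoginView.post` reads `password` from `request.POST` two lines below the new decorator, so redaction matters most here, yet `@sensitive_post_parameters()` applied directly to the method will raise `TypeError` from Django's wrapper (it receives `self`, not an `HttpRequest`) and the view will never execute. Change it to `@method_decorator(sensitive_post_parameters())`, or add `@method_decorator(sensitive_post_parameters(), name="dispatch")` beside the existing `never_cache` class decorator. Unlike the other views in this file, `post` here has no `method_decorator`-wrapped ratelimit to copy from, which may be how the bare form slipped in. The remainder of `post` is outside the hunk.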