Transforming User entity

System Information
  • Strapi Version: 3.6.5
  • Operating System: Windows
  • Database: Postgres
  • Node Version: 14.17.0
  • NPM Version: 6.14.13
  • Yarn Version: -

When fetching a User from the Userpermissions plugin in Strapi, we return all the fields. This includes for instance the email address, the provider and the blocked field. I want to reduce the number of fields that get sent back by the API.

Is there a proper way of removing fields from an entity using the REST api in v3?

I tried fixing it in the controller with a custom function for the get request on users/:id.

This does fix it for that endpoint, but when fetching an Article (of which a User is an author, in our case), the whole User gets sent along with the Article.

Is there a way to nicely handle this without having to refactor every query that contains a User?

I know GraphQL brings a solution to this, and so might Strapi v4. But we do not plan on upgrading right now.

Is there something in the sanitizeEntity function we can provide to Strapi so we can transform our entities?