Some SCIM providers send access tokens and passwords in the
user create payload. Prior to this change, in the event of an error
GitLab would send all params back in the error message. When
passwords and access tokens are present in params this is undesired
and unsafe. This change strips sensitive params so error messages
use 'safe params'.