This is a repository for Protegrity API Playground documentation.
The documentation is available in the HTML format and can be viewed using your browser. You can also print and download the .pdf files of the required documentation.
This is the multi-page printable view of this section. Click here to print.
API Playground Documentation
- 1: About API Playground
- 2: Key Concepts
- 3: Downloads
- 4: Getting Started
- 4.1: Initial Setup
- 4.2: Postman Guide
- 4.3: VS Code Guide
- 5: Authentication
- 5.1: Login
- 5.2: Change Password
- 6: Using the API
- 6.1: Usage & Limitations
- 6.2: Required Headers
- 6.3: Users and Roles
- 6.4: Sensitive Data Discovery Endpoints
- 6.4.1: Discover
- 6.5: Data Protection Endpoints
- 6.5.1: Name (PII)
- 6.5.2: Address (PII)
- 6.5.3: City (PII)
- 6.5.4: Postcode (PII)
- 6.5.5: Zipcode (PII)
- 6.5.6: Phone (PII)
- 6.5.7: Email (PII)
- 6.5.8: Date of Birth (PII)
- 6.5.9: National Insurance Number (PII)
- 6.5.10: Social Security Number (PII)
- 6.5.11: Credit Card Number (PCI DSS)
- 6.5.12: Passport (PII)
- 6.5.13: IBAN (PII)
- 6.5.14: String
- 6.5.15: Number
- 6.5.16: Text (Encryption)
- 6.5.17: Datetime
- 6.5.18: Multitype
- 6.6: GenAI Security Endpoints (Preview)
- 6.6.1: Classify (Preview)
- 6.6.2: Protect (Preview)
- 6.6.3: Unprotect (Preview)
- 6.7: Private Endpoints
- 6.7.1: Data Protection Endpoint
- 6.7.2: Data Unprotection Endpoint
- 6.7.3: Data Classification Endpoint
- 6.7.4: Nesting Requests
- 6.7.5: Data Security Policy
- 7: Release Notes
- 8: Code Samples
- 8.1: AWS Glue Integration
- 8.2: Snowflake Integration
1 - About API Playground
Summary of the capability
Protegrity API Playground is a free to use platform that lets you test the core functionality of Protegrity data security suite: sensitive data discovery and protection.
Our data protection service secures data while keeping its analytical utility. By leveraging Protegrity Vaultless Tokenization it preserves features of the data it receives: its format, length, language – and in some cases, also position and case. Referential integrity of protected data is kept intact. Protection consistency is maintained, too: every time you send a specific data point to the API, it will be protected the same way, i.e. “New York” will always be tokenized to “xYs fpsE”, etc. The API allows for data re-identification, i.e., retrieval to its original form.
Our GenAI security engine is powered by advanced context-aware models to classify and automatically protect your datasets, preparing them for use with your GenAI applications.
With the API Playground we strive for creating a valuable exploration platform for individuals and companies interested in Protegrity’s offering. We encourage feedback from the community.
Note that the Protegrity API Playground is not an official Protegrity product. It is intended for preliminary functionality testing and use of synthetic data is strongly advised. Performance has been limited by design (see the Usage & Limitations section). The platform is for demonstration purposes only and may not be an exact representation of the product.
2 - Key Concepts
Key concepts used by the API Playground
Data-Centric Security
A process of data de-identification that removes sensitivity from the original data in order to render it worthless in unauthorized hands. Data-Centric Security is commonly implemented through tokenization, encryption, FPE, hashing, and masking.
Sensitive Data Discovery
A process of detection and classification of sensitive data using advanced language models. Sensitive data includes personally identifiable information, commercially sensitive information, or otherwise confidential attributes associated with an individual.
Tokenization
Data tokenization is a reversible method of data protection. In tokenization, sensitive data is substituted with a randomly generated surrogate value known as a token. Generated token may be configured to be format, length, and language-preserving. Additional controls, such as adhering to a date range or passing the Luhn check are available. Tokenization is the most popular data protection method among Protegrity’s clients. Learn more about Protegrity Vaultless Tokenization.
Encryption
Encryption is an alternative method of reversible data protection. It uses mathematical algorithms and cryptographic keys to change data into “binary ciphertext,” rendering the encrypted data unreadable and unusable. To access the original data, a user needs to present an encryption key, which reverses the encryption process and unlocks the data.
External IV
A user-defined input added to a tokenization request that is used as a starting variable for the algorithm. The external IVs are used to enhance security. Attaching a custom IV to your request results in producing distinct tokenized values than the same request without or with a different IV.
3 - Downloads
Useful resources to download
Get a jump start with the platform by downloading our pre-configured request collections.
AVAILABLE COLLECTIONS
4 - Getting Started
Learn how to get started with Protegrity API Playground
This section groups together useful resources for getting started with the Playground: the initial user acount creation and step-by-step guides that walk you through the sign-up process, your IDE setup and a handful of examples of how to interact with the platform.
4.1 - Initial Setup
Creating a user account and completing the registration
You can sign-up to Protegrity API Playground using the form on the official API Playground webpage. Within a few minutes you will receive an email from us with your unique API Key and a password. You will use your email and password to login to the Playground via the Login endpoint. On a successuful login you will receive a JWT token. The JWT token, together with your API key, will authenticate your requests to the Playground going forward.
Tip
If you’re here for the first time, you may want to take a look at one of our Getting Started guides for Postman and VS Studio Code – REST.4.2 - Postman Guide
Using Protegrity API Playground with Postman
For organizations handling sensitive data, finding a secure and efficient way to test data protection solutions is crucial. The Protegrity API Playground offers a straightforward way to test Protegrity’s data protection features. The Playground grants you 10,000 API requests after registration to use as you see fit: protecting names, addresses, credit card numbers – or any other data your organization considers secure. This guide will walk you through the setup process and show you sample API calls. And for those who prefer to skip the reading, check out our video guides: Registration & Setup or Using the API.
Choose your language & IDE
The best way to start with the Playground is to use our preconfigured Postman collection: import it into Postman and you are good to go. In this guide we will walk through the login process and show you how to generate requests to the API.
Registration
To register with Protegrity API Playground, fill out the form on the API Playground landing page. The information you provide is collected for user management and analytics. It is protected with Protegrity’s tokenization, ensuring that only authorized team members can view it in clear text. We are drinking our own champagne – it would be unwise not to!
Registration with Protegrity API Playground is straightforward
Once registered, you will receive an email from us. It will include your temporary password and API key. You will need them to authenticate with the Playground.
Welcome Email with your unique API key and password
Login
You will need to log in to start interacting with the Playground. To do so, pass your email and password to the /login endpoint. On a successful login, you will receive a JWT Token. The token, alongside your API Key will be used to authorize the API requests to the Playground going forward.
Login to receive your JWT token
The JWT Token expires every 24 hours. To renew it, go to the /login endpoint, and we will issue a new one.
Environment Setup
Consider saving your JWT Token and the API Key as environment variables for convenience. If you use our preconfigured Postman collection, you can store them in the variables section. This will ensure that they are sent alongside every request and save you some tedious work of providing them with every call.
Setting environment variables in Postman
Now that’s done you’re all set! Let the API Playground be your oyster.
Data Protection Endpoints
Protegrity API Playground exposes a curated selection of endpoints for data protection: you can use them to secure any PII, PCI, or otherwise sensitive information. The predefined endpoints include names, addresses, zip codes, credit card numbers, social security numbers, and more.
Protegrity’s Vaultless Tokenization is renowned for its high configurability. The Playground lets you experiment with some of its flagship capabilities: length-, language-, position-, and case-preservation. This means that if you pass French strings to the API, you will receive a token that carries French characters. Numeric zip codes are length-preserving, meaning that a 5-digit input will produce a 5-digit output. Postcodes, i.e., codes that mix digits and characters, are even more advanced: you will keep their original length, position, and case in the received token. This is a very different approach to encryption, where the cyphertext resulting from the cryptographic function does not match the input domain and requires the developer to change the application to accommodate it.
A full list of available endpoints and their properties is available in the Using the API section. Let’s play around with some of them to give you an idea of what the Playground can offer.
Testing the API
We have hand-picked some protection endpoints that are representative of what you can expect from the Playground – and Protegrity’s platform.
Protecting Names
Most of our clients choose to protect their customers’ names. Let’s construct a request to the /name endpoint to secure the name of the King of England: Charles Mountbatten-Windsor.
The operation should be set to protect: this is how you will instruct the API what to do.
Paste the King’s name in the data and send the request.
Protecting the King’s name
And poof! The King is no longer a known person (in your records). Note that the /name endpoint does not support any text feature preservation (length, case, or position), as there is rarely any business case to do so. You will also notice that something interesting has happened: the separator within the King’s surname was not removed. This is because this tokenization element only acts on letters. Everything else is returned as-is.
You can now pass the protected string into the request and switch the operation to unprotect. This will return the King’s name.
Unprotecting the King’s name
The /name endpoint offers language preservation for German and French characters. To switch it on, provide a dictionary as an option and set it to your preferred language.
Setting French as the dictionary
Protecting Date of Birth
Date of birth is another attribute commonly considered as PII. If you provide it with a date, it will return its secured version in that same format. You can also decide to leave the year in the clear. Often, an entire date of birth is considered a sensitive attribute, however a year on its own is acceptable to be left in the clear.
Here’s a sample request issued to /dob endpoint that demonstrates this feature:
Protecting dates of birth
Protecting Credit Card Numbers
Leaving your customer’s credit card numbers unprotected is a sure way to anger auditors, lose customer trust, and get into trouble. CCN is the core piece of data to secure – if you’re unsure what should be your priority, this is it.
When calling the /ccn endpoint, you can decide to protect the entire credit card string or leave the 8-digit BIN in the clear:
Protecting credit card numbers
Protecting multi-type payloads
Now that you have a good grasp of how our API Playground works, you can take it up a notch and protect (and unprotect) multiple data types at once. To do that, use the /multi endpoint. Specify the operation type, the data type, and options for each data point. Refer to the description of each data type (endpoint) to see all options available.
Here’s an example protection request of an address in Paris:
Multi-type request
Summary
The Protegrity API Playground offers a practical and essential entry point to test, evaluate, and refine data protection strategies within a secure environment, allowing teams to see if Protegrity is the right fit for their data privacy needs. Register today to start safeguarding your sensitive data, one API request at a time.
4.3 - VS Code Guide
Using Protegrity API Playground with VSCode REST Client
The Protegrity API Playground offers an easy way to test Protegrity’s data protection features. It comes with a pre-configured HTTP requests file that can be used in Visual Studio Code with the REST Client extension.
This is an addendum to the Postman guide. Please read that blog post first to learn how to register and how to use the Protegrity API Playground.
Add the REST Client extension
Follow the official documentation on how to add the REST Client extension in Visual Studio Code.
Download the HTTP requests collection
The best way to start with the Protegrity Playground in Visual Studio Code is to use our preconfigured HTTP requests collection file: get it from our Downloads section and open it in Visual Studio Code.
Add your API Key
The HTTP request file starts with the definition of some variables.
@api_token = changeme
@api_url = api.playground.protegrity.com
@api_version = v1
@jwt_token = changeme
@api_auth = auth
These variables will be used to construct the Playground’s URI and populate your authentication information.
Change the @api_token to the value you received in your welcome email.
You’ll get the jwt_token only after your first login.
Bonus: Renew your JWT Token automatically
Since the JWT token is only valid for 24 hours and changes with a following login here’s a tip how you can set it automatically after each login.
The first request in the file is the user login.
Add two lines to set the @jwt_token variable after each execution of the login request like in the following example:
# @name User_Login
POST https://{{api_url}}/{{api_auth}}/login
Authorization: {{jwt_token}}
Content-Type: application/json
{
"email": "<YOUR_EMAIL>",
"password": "<YOUR_PASSWORD>"
}
###
@jwt_token = {{User_Login.response.body.jwt_token}}
Keep your eye on the updates
The API Playground is an evergreen project: we are rolling out updates and new features every couple of months.
5 - Authentication
Protegrity API Playground uses an API Key and a JWT token for request authorization. You will receive your unique API Key as part of the registration process. This section documents how to obtain a JWT token and change your password.
Note: Accounts that were not activated within 7 days will be deleted and the users will be required to re-register.
Watch the video below for step-by-step instructions on registering with Protegrity API Playground:
5.1 - Login
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/auth/login
ATTRIBUTES:
email (required) Your registered email address.
password (required) Your password.
DESCRIPTION:
Obtain a JWT token for request authentication. Use your email and password to log in. The received JWT token is valid for 24 hours. Run the endpoint again to request a new token.
SAMPLE REQUEST
cURL --location 'https://api.playground.protegrity.com/auth/login' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "<USER_EMAIL>",
"password": "<USER_PASSWORD>"
}'
SAMPLE RESPONSE
{
"statusCode": 201,
"message": "Login successful",
"jwt_token": "eyJraWQiOiI4T2pkOXlCWnlhMGYyVnZxRmRTblowN1ZnUEp6SHpTWFY5XC9xWXhvVTJWMD0iLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4NDU4ZDQ2OC02MDIxLTcwMzktMTYzZi0zZGU4ZDZjMGE1ODgiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29t"
}
5.2 - Change Password
Note: Alternatively, you can use the Change Password Form to change your password.
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/auth/change-password
DESCRIPTION:
Change your password. This is a recommended action for all newly registered accounts.
Password requirements: Your new password should be at least 8 characters long, include a special character, a lowercase letter, an uppercase letter, and a number.
ATTRIBUTES:
email (required) The email address you used to register with the Playground.
old_password (required) Your old password. For new accounts, this is the password you received from us during registration.
new_password (required) Your new password.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/auth/change-password' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "<USER_EMAIL>",
"old_password": "<OLD_PASSWORD>",
"new_password": "<NEW_PASSWORD>"
}'
SAMPLE RESPONSE
{
"statusCode": 201,
"message": "Password change successful"
}
6 - Using the API
What to expect
Protegrity API Playground features functionality derived from the original suite of Protegrity products in a form of API calls. Our API endpoints are easy-to-use and ask for minimal configuration. The Playground divides available endpoint portfolio into the following families:
- Data Protection endpoints, covering sensitive data protection. Users can decide to transform various data types, from numbers, strings, and dates without any inherent logic tom specific PII attributes like postcodes, or social security numbers.
- Sensitive Data Discovery endpoints, which allow users to detect and classify sensitive data within payloads.
- GenAI Security endpoints that combine the capabilities of the above, allowing users to perform automatic discovery and protection of sensitive data and specify their risk tolerance.
- Private endpoints low-level APIs that are the closest to the actual product experience, allowing for high customization. We suggest using the private endpoints for conducting PoCs in house – with Protegrity’s Professional Services guidance. The endpoints are disabled to all users by default and are available upon request only.
Note: Protegrity does not store any data received from external API requests.
Watch the video below to learn how to use the API Playground:
6.1 - Usage & Limitations
Limits of the API
To ensure fair use of the API service, we enforce rate limits on API requests.
These limits are:
- Request Rate: 50 per second
- Burst: up to 100
- Quota: 10,000 requests per user
- Max. Payload Size: 1MB
The same limits do not apply when using the Private endpoints.
Note: Users are removed from the platform after 30 days of inactivity.
6.2 - Required Headers
Required authentication headers
Every request should carry the following headers:
-
x-api-key (required): Your unique API Key. Received after a successful sign-up.
-
Authorization (required): A JWT token for the session. Obtained by running the Login and Change Password endpoints.
-
Content-Type (required): Set to application/json.
6.3 - Users and Roles
Built-in users and roles to impersonate
To add additional flavor to your testing activities, you can now leverage any of the preconfigured users to showcase Protegrity’s Role-Based Access Controls. Using a diffierent user will result in distinct views over sensitive data. Some users will only be able to protect data but will not be able to reverse the operation. Some users will only be able to re-identify selected attributes.
To use any of the roles, simply pass your chosen value to the payload in the user attribute during the protect or unprotect operation. If the user is not specified, the request will default to superuser.
Available Roles
The following roles and users have been configured and are available for use:
ADMIN:
admin or devops or jay.banerjee The role can protect all data but cannot unprotect. Upon an unprotection attempt they will be displayed protected values.
FINANCE:
finance or robin.goodwill The role can unprotect all PII and PCI data. The role cannot protect any data. When attempting to unprotect data without authorization, they will be displayed nulls.
MARKETING:
marketing or merlin.ishida The role can unprotect some PII data that is required for analytical research and campaign outreach. When attempting to unprotect data without authorization, they will be displayed nulls. The role cannot protect any data.
HR:
hr or paloma.torres The role can unprotect all PII data but cannot view any PCI data. When attempting to unprotect data without authorization, they will be displayed nulls. The role cannot protect any data.
OTHER:
superuser The role can perform any protect and unprotect operation. The role has been made available for testing only – we strongly advise against creating superuser roles in your environments.
Additionally, you may type in any user name to simulate unauthorized user behavior.
6.4 - Sensitive Data Discovery Endpoints
Detecting sensitive information
Sensitive data discovery is a cornerstone of any data-centric security initiative: it helps understand whether any sensitive data resides at rest, or it is present within ETL pipelines or elsewhere in-transit. The API Playground exposes REST endpoint that can be used to identify sensitive data within received payloads.
6.4.1 - Discover
Detect and classify sensitive data
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/discover
DESCRIPTION:
Detect and classify sensitive data in a given input. The endpoint will return a classification and confidence score for every sensitive attribute found, alongside its location – a column name or a start and end index. Confidence score returns values from 0.1 to 1. The higher the confidence score, the more the product is sure of the PII classification it produced. We recommend using the confidence score to prioritize inspection of found sensitive data.
ATTRIBUTES:
data (required) Input data to transform.
OPTIONS:
format (required) Specify the format of the input data. Option text covers unstructured text. Option csv is used for processing comma-separated values. Accepts: [ text | csv ].
header_line (optional) Specific to csv content only. Set to true if the data includes a header line in the first row. Set to false in case of the opposite. Accepts: [ true | false ]. Defaults to false.
raw (optional) Returns verbose output of the classification job when set to true. Accepts: [ true | false ]. Defaults to false.
SAMPLE REQUEST – TEXT
curl --location 'https://api.playground.protegrity.com/v1/discover' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"options": {
"format": "text",
"raw": false
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/discover'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"options": {
"format": "text",
"raw": "false"
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/discover");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"options\": {\n" + //
" \"format\": \"text\",\n" + //
" \"raw\": false\n" + //
" },\n" + //
" \"data\": [\"Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!\"]\n" + //
" }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/discover',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"options": {
"format": "text",
"raw": false
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/discover"
data := strings.NewReader(`{
"options": {
"format": "text",
"raw": false
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE – TEXT
[
{
"score": 0.85,
"classification": "PHONE_NUMBER",
"start_index": 101,
"end_index": 113
},
{
"score": 0.99,
"classification": "PERSON",
"start_index": 15,
"end_index": 29
}
]
SAMPLE REQUEST – CSV
curl --location 'https://api.playground.protegrity.com/v1/ai' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "classify",
"options": {
"format": "csv",
"header_line": true,
"raw": false
},
"data": ["Social Security Number,Credit Card Number,IBAN,Phone Number\n589-25-1068,349384370543801,FR43 9255 4858 47BG 3EBG U4OK O18,(483) 9440301\n636-36-3077,4041594844904,AL50 8947 4215 KAEY GAPM NLYC FNZG,(113) 5143119\n748-82-2375,3558175715821800,AT34 4082 9269 0841 5702,(763) 5136237\n516-62-9861,560221027976015000,FR22 0068 7181 11FB UG8H ECEM 306,(726) 6031636\n121-49-9409,374283320982549,DK37 5687 8459 8060 79,(624) 9205200\n838-73-3299,5558216060144900,CR54 8952 8144 6403 4765 0,(356) 9479541\n439-11-5310,5048376143641900,RS76 6213 4824 0184 8983 74,(544) 5623326\n564-06-8466,3543299511845640,EE51 6882 3443 7863 4703,(702) 6093849\n518-54-5443,3543019452249540,IT65 D000 3874 2801 Z15I LNLL OOX,(584) 8618371"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/discover'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "classify",
"options": {
"format": "csv",
"header_line": "true",
"raw": "false"
},
"data": ["Social Security Number,Credit Card Number,IBAN,Phone Number\n589-25-1068,349384370543801,FR43 9255 4858 47BG 3EBG U4OK O18,(483) 9440301\n636-36-3077,4041594844904,AL50 8947 4215 KAEY GAPM NLYC FNZG,(113) 5143119\n748-82-2375,3558175715821800,AT34 4082 9269 0841 5702,(763) 5136237\n516-62-9861,560221027976015000,FR22 0068 7181 11FB UG8H ECEM 306,(726) 6031636\n121-49-9409,374283320982549,DK37 5687 8459 8060 79,(624) 9205200\n838-73-3299,5558216060144900,CR54 8952 8144 6403 4765 0,(356) 9479541\n439-11-5310,5048376143641900,RS76 6213 4824 0184 8983 74,(544) 5623326\n564-06-8466,3543299511845640,EE51 6882 3443 7863 4703,(702) 6093849\n518-54-5443,3543019452249540,IT65 D000 3874 2801 Z15I LNLL OOX,(584) 8618371"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/discover");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"classify\",\n" + //
" \"options\": {\n" + //
" \"format\": \"csv\",\n" + //
" \"header_line\": true,\n" + //
" \"raw\": false\n" + //
" },\n" + //
" \"data\": [\"Social Security Number,Credit Card Number,IBAN,Phone Number\\n" + //
"589-25-1068,349384370543801,FR43 9255 4858 47BG 3EBG U4OK O18,(483) 9440301\\n" + //
"636-36-3077,4041594844904,AL50 8947 4215 KAEY GAPM NLYC FNZG,(113) 5143119\\n" + //
"748-82-2375,3558175715821800,AT34 4082 9269 0841 5702,(763) 5136237\\n" + //
"516-62-9861,560221027976015000,FR22 0068 7181 11FB UG8H ECEM 306,(726) 6031636\\n" + //
"121-49-9409,374283320982549,DK37 5687 8459 8060 79,(624) 9205200\\n" + //
"838-73-3299,5558216060144900,CR54 8952 8144 6403 4765 0,(356) 9479541\\n" + //
"439-11-5310,5048376143641900,RS76 6213 4824 0184 8983 74,(544) 5623326\\n" + //
"564-06-8466,3543299511845640,EE51 6882 3443 7863 4703,(702) 6093849\\n" + //
"518-54-5443,3543019452249540,IT65 D000 3874 2801 Z15I LNLL OOX,(584) 8618371\"]\n" + //
" }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/discover',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "classify",
"options": {
"format": "csv",
"header_line": true,
"raw": false
},
"data": ["Social Security Number,Credit Card Number,IBAN,Phone Number\n589-25-1068,349384370543801,FR43 9255 4858 47BG 3EBG U4OK O18,(483) 9440301\n636-36-3077,4041594844904,AL50 8947 4215 KAEY GAPM NLYC FNZG,(113) 5143119\n748-82-2375,3558175715821800,AT34 4082 9269 0841 5702,(763) 5136237\n516-62-9861,560221027976015000,FR22 0068 7181 11FB UG8H ECEM 306,(726) 6031636\n121-49-9409,374283320982549,DK37 5687 8459 8060 79,(624) 9205200\n838-73-3299,5558216060144900,CR54 8952 8144 6403 4765 0,(356) 9479541\n439-11-5310,5048376143641900,RS76 6213 4824 0184 8983 74,(544) 5623326\n564-06-8466,3543299511845640,EE51 6882 3443 7863 4703,(702) 6093849\n518-54-5443,3543019452249540,IT65 D000 3874 2801 Z15I LNLL OOX,(584) 8618371"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/discover"
data := strings.NewReader(`{
"operation": "classify",
"options": {
"format": "csv",
"header_line": true,
"raw": false
},
"data": ["Social Security Number,Credit Card Number,IBAN,Phone Number\n589-25-1068,349384370543801,FR43 9255 4858 47BG 3EBG U4OK O18,(483) 9440301\n636-36-3077,4041594844904,AL50 8947 4215 KAEY GAPM NLYC FNZG,(113) 5143119\n748-82-2375,3558175715821800,AT34 4082 9269 0841 5702,(763) 5136237\n516-62-9861,560221027976015000,FR22 0068 7181 11FB UG8H ECEM 306,(726) 6031636\n121-49-9409,374283320982549,DK37 5687 8459 8060 79,(624) 9205200\n838-73-3299,5558216060144900,CR54 8952 8144 6403 4765 0,(356) 9479541\n439-11-5310,5048376143641900,RS76 6213 4824 0184 8983 74,(544) 5623326\n564-06-8466,3543299511845640,EE51 6882 3443 7863 4703,(702) 6093849\n518-54-5443,3543019452249540,IT65 D000 3874 2801 Z15I LNLL OOX,(584) 8618371"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE – CSV
[
{
"score": 0.85,
"classification": "US_SSN",
"column_name": "Social Security Number",
"column_index": 0
},
{
"score": 0.11,
"classification": "CREDIT_CARD",
"column_name": "Credit Card Number",
"column_index": 1
},
{
"score": 0.04,
"classification": "US_BANK_NUMBER",
"column_name": "Credit Card Number",
"column_index": 1
},
{
"score": 0.0,
"classification": "US_DRIVER_LICENSE",
"column_name": "Credit Card Number",
"column_index": 1
},
{
"score": 0.01,
"classification": "US_DRIVER_LICENSE",
"column_name": "IBAN",
"column_index": 2
},
{
"score": 0.01,
"classification": "US_DRIVER_LICENSE",
"column_name": "Phone Number",
"column_index": 3
},
{
"score": 0.79,
"classification": "IBAN_CODE",
"column_name": "IBAN",
"column_index": 2
},
{
"score": 0.09,
"classification": "DATE_TIME",
"column_name": "IBAN",
"column_index": 2
},
{
"score": 0.75,
"classification": "PHONE_NUMBER",
"column_name": "Phone Number",
"column_index": 3
},
{
"score": 0.01,
"classification": "PERSON",
"column_name": "Phone Number",
"column_index": 3
}
]
6.5 - Data Protection Endpoints
Protecting names, addresses, and other PII information
Protegrity API Playground exposes a curated selection of endpoints for data protection: you can use them to secure any PII and PCI information. The predefined endpoints include names, addresses, numbers, Credit Card Numbers, Social Security Numbers, and more. Format, length and language preservation are supported.
This collection is a subset of Protegrity functions available in the full version of the product.
6.5.1 - Name (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/name
DESCRIPTION:
Protect or unprotect a person’s name. The received token is not length-preserving.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
dictionary (optional) Specify the Unicode domain of the input and output values. Option en covers all characters within the Basic Latin block of the Unicode standard (range U+0000..U+007F). Options de and fr extend that coverage to include German and French characters, respectively. Accepts: [ en | de | fr ]. Defaults to en.
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/name' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["Robin", "Wren"],
"options": {
"dictionary": "en"
}
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/name'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["Robin", "Wren"],
"options": {
"dictionary": "en"
}
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/name");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"Robin\", \"Wren\"], \"options\": { \"dictionary\": \"en\" } }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/name',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["Robin", "Wren"],
"options": { "dictionary": "en" }
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/name"
data := strings.NewReader(`{
"operation": "protect",
"data": ["Robin", "Wren"],
"options": {"dictionary": "en"}
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"xkKZQ",
"hTKo"
]
6.5.2 - Address (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/address
DESCRIPTION:
Protect or unprotect an address. The received token is not length-preserving.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
dictionary (optional) Specify the Unicode domain of the input and output values. Option en covers all characters within the Basic Latin block of the Unicode standard (range U+0000..U+007F). Options de and fr extend that coverage to include German and French characters, respectively. Accepts: [ en | de | fr ]. Defaults to en.
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/address'
--header 'x-api-key: <API_Key>'
--header 'Content-Type: application/json'
--header 'Authorization: <JWT_TOKEN>'
--data '{
"operation": "protect",
"data": ["77 Boulevard Saint-Jacques", "46 avenue de la Grande Armée"],
"options": {
"dictionary": "fr"
}
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/address'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["77 Boulevard Saint-Jacques", "46 avenue de la Grande Armée"],
"options": {
"dictionary": "fr"
}
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/address");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"77 Boulevard Saint-Jacques\", \"46 avenue de la Grande Armée\"], \"options\": { \"dictionary\": \"fr\" } }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/address',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["77 Boulevard Saint-Jacques", "46 avenue de la Grande Armée"],
"options": { "dictionary": "fr" }
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/address"
data := strings.NewReader(`{
"operation": "protect",
"data": ["77 Boulevard Saint-Jacques", "46 avenue de la Grande Armée"],
"options": {"dictionary": "fr"}
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"3u CG5itJTNu KJStq-galulig",
"Gr AY5iAK k1 n8 LvIx74 ewBék"
]
6.5.3 - City (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/city
DESCRIPTION:
Protect or unprotect a town or city. The received token is not length-preserving.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
dictionary (optional) Specify the Unicode domain of the input and output values. Option en covers all characters within the Basic Latin block of the Unicode standard (range U+0000..U+007F). Options de and fr extend that coverage to include German and French characters, respectively. Accepts: [ en | de | fr ]. Defaults to en.
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/city' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["Berlin", "München"],
"options": {
"dictionary": "de"
}
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/city'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["Berlin", "München"],
"options": {
"dictionary": "de"
}
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/city");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"Berlin\", \"München\"], \"options\": { \"dictionary\": \"de\" } }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/city',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["Berlin", "München"],
"options": { "dictionary": "de" }
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/city"
data := strings.NewReader(`{
"operation": "protect",
"data": ["Berlin", "München"],
"options": {"dictionary": "de"}
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"hjsöIO",
"YAßiaoP"
]
6.5.4 - Postcode (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/postcode
DESCRIPTION:
Protect or unprotect a postal code with digits and chatacters. The received token is case-, length-, and position-preserving but may create invalid postal codes (e.g., restricted letters).
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/postcode' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["WX90GA", "SW700"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/postcode'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["WX90GA", "SW700"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/postcode");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"WX90GA\", \"SW700\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/postcode',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["WX90GA", "SW700"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/postcode"
data := strings.NewReader(`{
"operation": "protect",
"data": ["WX90GA", "SW700"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"AD12TT",
"II867"
]
6.5.5 - Zipcode (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/zipcode
DESCRIPTION:
Protect or unprotect a postal code with digits only. The received token is length-preserving. The method may produce leading zeroes and invalid zipcodes (e.g., restricted digits).
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/zipcode' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["29017", "28100"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/zipcode'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["29017", "28100"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/zipcode");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"29017\", \"28100\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/zipcode',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["29017", "28100"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/zipcode"
data := strings.NewReader(`{
"operation": "protect",
"data": ["29017", "28100"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"00891",
"67996"
]
6.5.6 - Phone (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/phone
DESCRIPTION:
Protect or unprotect a phone number. The received token is length-preserving. May return leading zeroes.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/phone' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["63098109", "120-99-02-10"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/phone'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["63098109", "120-99-02-10"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/phone");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"63098109\", \"120-99-02-10\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/phone',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["63098109", "120-99-02-10"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/phone"
data := strings.NewReader(`{
"operation": "protect",
"data": ["63098109", "120-99-02-10"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"81176289",
"425-44-65-10"
]
6.5.7 - Email (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/email
DESCRIPTION:
Protect or unprotect a phone number. The received token is length-preserving. May return leading zeroes.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/email' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["ava.mcconnor@acme.corp", "wren@business.com"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/email'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["ava.mcconnor@acme.corp", "wren@business.com"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/email");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"ava.mcconnor@acme.corp\", \"wren@business.com\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/email',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["ava.mcconnor@acme.corp", "wren@business.com"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/email"
data := strings.NewReader(`{
"operation": "protect",
"data": ["ava.mcconnor@acme.corp", "wren@business.com"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"d3E.ui2sOks@acme.corp",
"6KOe@business.com"
]
6.5.8 - Date of Birth (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/dob
DESCRIPTION:
Protect or unprotect a phone number. The received token is length-preserving. May return leading zeroes.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
year (optional) Set to true to leave the year in the clear. Must be set to true when unprotecting the string tokenized using this option. Accepts: [ true | false ]. Defaults to false.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/dob' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["1980/12/10", "1965/01/27"],
"options": {
"year": true
}
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/dob'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["1980/12/10", "1965/01/27"],
"options": {
"year": "true"
}
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/dob");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"1980/12/10\", \"1965/01/27\"], \"options\": { \"year\": \"true\" } }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/dob',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["1980/12/10", "1965/01/27"],
"options": {
"year": true
}
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/dob"
data := strings.NewReader(`{
"operation": "protect",
"data": ["1980/12/10", "1965/01/27"],
"options": {
"year": true
}
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"1980/03/24",
"1965/08/11"
]
6.5.9 - National Insurance Number (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/nin
DESCRIPTION:
Protect or unprotect a National Insurance Number (UK). The returned NIN is case-, length- and position-preserving, i.e., generated letters and numbers will adhere to their original position. Note that some NIN logic, i.e. restricted letters, is not preserved.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/nin' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["QQ123456A", "KT902281F"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/nin'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["QQ123456A", "KT902281F"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/nin");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"QQ123456A\", \"KT902281F\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/nin',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["QQ123456A", "KT902281F"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/nin"
data := strings.NewReader(`{
"operation": "protect",
"data": ["QQ123456A", "KT902281F"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"CD196371K",
"OO918451S"
]
6.5.10 - Social Security Number (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/ssn
DESCRIPTION:
Protect or unprotect a Social Security Number (US). The returned SSN is length- and format-preserving. Note that some SSN logic, i.e. restricted numbers within digit groups, is not preserved.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/ssn' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["782-01-2930", "291-44-5983"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/ssn'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["782-01-2930", "291-44-5983"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/ssn");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"782-01-2930\", \"291-44-5983\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/ssn',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["782-01-2930", "291-44-5983"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/ssn"
data := strings.NewReader(`{
"operation": "protect",
"data": ["782-01-2930", "291-44-5983"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"399-03-3685",
"389-71-6451"
]
6.5.11 - Credit Card Number (PCI DSS)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/ccn
DESCRIPTION:
Protect or unprotect a Credit Card Number. The returned CCN is not length-preserving. The endpoint accepts partial CCN protection, i.e. leaving the 8-digit BIN in the clear.
ATTRIBUTES:
data (required) Input data to transform.
user (optional) Choose a user to impersonate from the list of pre-configured roles.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
OPTIONS:
bin (optional) Set to true to leave the 8-digit BIN number in the clear. Must be set to true when unprotecting the string tokenized using this option. Accepts: [ true | false ]. Defaults to false.
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/ccn'
--header 'x-api-key: <API_Key>'
--header 'Content-Type: application/json'
--header 'Authorization: <JWT_TOKEN>'
--data '{ "operation": "protect", "data": ["4321567898765432", "2376876534560987"], "options": { "bin": false } }' import requests import json
url = 'https://api.playground.protegrity.com/v1/ccn'
headers = { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' }
data = {
"operation": "protect",
"data": ["4321567898765432", "2376876534560987"],
"options": {
"bin": false
}
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text) import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/ccn");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"4321567898765432\", \"2376876534560987\"], \"options\": { \"bin\": false } }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}fetch('https://api.playground.protegrity.com/v1/ccn',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["4321567898765432", "2376876534560987"],
"options": { "bin": false }
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/ccn"
data := strings.NewReader(`{
"operation": "protect",
"data": ["4321567898765432", "2376876534560987"],
"options": {"bin": false}
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
} SAMPLE RESPONSE
[
"0449999816792240",
"6683962881463918"
]
6.5.12 - Passport (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/passport
DESCRIPTION:
Protect or unprotect a passport number. The returned passport number is case-, length- and position-preserving (i.e., generated letters and numbers will adhere to their original position). Note that some passport logic, i.e. restricted letters, is not preserved.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/passport' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["FA039020112", "CBR90110244"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/passport'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["FA039020112", "CBR90110244"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/passport");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"FA039020112\", \"CBR90110244\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/passport',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["FA039020112", "CBR90110244"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/passport"
data := strings.NewReader(`{
"operation": "protect",
"data": ["FA039020112", "CBR90110244"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"IN890183422",
"GFR67102933"
]
6.5.13 - IBAN (PII)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/iban
DESCRIPTION:
Protect or unprotect an Internation Banking Account Number. The returned IBAN is case-, length- and position-preserving. Note that some IBAN logic, i.e., producing valid country codes or a checksum validation, is not supported. The endpoint accepts partial IBAN protection, i.e., leaving the letters in the clear.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
alpha (optional) Set to true to leave the original letters in the clear. Must be set to true when unprotecting the string tokenized using this option. Accepts: [ true | false ]. Defaults to false.
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload. Note that this option is only available if alpha is set to true.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/iban' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["NO8330001234567", "QA54QNBA000000000000693123456"],
"options": {
"alpha": true
}
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/iban'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["NO8330001234567", "QA54QNBA000000000000693123456"],
"options": {
"alpha": "true"
}
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/iban");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"NO8330001234567\", \"QA54QNBA000000000000693123456\"], \"options\": { \"alpha\": \"true\" } }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/iban',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["NO8330001234567", "QA54QNBA000000000000693123456"],
"options": {
"alpha": true
}
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/iban"
data := strings.NewReader(`{
"operation": "protect",
"data": ["NO8330001234567", "QA54QNBA000000000000693123456"],
"options": {
"alpha": true
}
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"NO0980006979071",
"QA13QNBA128618782491645358717"
]
6.5.14 - String
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/string
DESCRIPTION:
Protect or unprotect a string. Maximum length of the string is 128 characters. The returned string is not length-preserving neither case-preserving.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/string' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["hello", "world"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/string'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["hello", "world"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/string");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"Hello\", \"World\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/string',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["hello", "world"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/string"
data := strings.NewReader(`{
"operation": "protect",
"data": ["hello", "world"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"UkosA",
"okPPwa"
]
6.5.15 - Number
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/number
DESCRIPTION:
Protect or unprotect a number. The returned number is length-preserving. The endpoint might generate numbers with leading zeros.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/number' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["123654", "987654"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/number'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["123654", "987654"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/number");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"123654\", \"987654\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/number',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["123654", "987654"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/number"
data := strings.NewReader(`{
"operation": "protect",
"data": ["123654", "987654"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"034539",
"101012"
]
6.5.16 - Text (Encryption)
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/text
DESCRIPTION:
Protect or unprotect sample text using encryption. Received text must be hex encoded. The returned value is hex encoded. There is no limitation on the text’s length however payload limits apply.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/text' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["48656c6c6f20576f726c640a"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/text'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["48656c6c6f20576f726c640a"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/text");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"48656c6c6f20576f726c640a\"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/text',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["48656c6c6f20576f726c640a"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/text"
data := strings.NewReader(`{
"operation": "protect",
"data": ["48656c6c6f20576f726c640a"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
"E616C7B0762E28A32E0FABF4BC403C8D"
]
6.5.17 - Datetime
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/datetime
DESCRIPTION:
Protect or unprotect a datetime string The endpoint accepts partial timestamp protection, i.e., leaving the year value in the clear. Supported formats: YYYY/MM/DD and YYYY/MM/DD HH:MM:SS. Supported delimiters: /, -, .; space or T are supported between date and time.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
year (optional) Set to true to leave the year in the clear. Must be set to true when unprotecting the string tokenized using this option. Accepts: [ true | false ]. Defaults to false.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/datetime' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["1980/12/10 14:12:01", "1965/01/27"],
"options": {
"year": true
}
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/datetime'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"data": ["1980/12/10 14:12:01", "1965/01/27"],
"options": {
"year": true
}
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/datetime");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\"1980/12/10 14:12:01\", \"1965/01/27\"], \"options\": { \"year\": \"true\" } }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/datetime',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": ["1980/12/10 14:12:01", "1965/01/27"],
"options": {
"year": true
}
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/datetime"
data := strings.NewReader(`{
"operation": "protect",
"data": ["1980/12/10 14:12:01", "1965/01/27"],
"options": {
"year": true
}
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
} SAMPLE RESPONSE
[
"1980/03/24 03:19:45",
"1965/08/11"
]
6.5.18 - Multitype
Data protection endpoint
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/multi
DESCRIPTION:
Protect or unprotect various attributes within a payload. Please refer to the specific payload type descriptions to see available options.
ATTRIBUTES:
data (required) Input data to transform.
type (required) Type of data provided. It should match one of available Data Protection endpoints, e.g. name, address, ccn.
operation (required) Specify if to protect or unprotect data. Accepts: [ protect | unprotect ].
id (required) A numeric id for tracking separete elements.
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
options (optional) Options as available for each endpoint type.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/multi' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '[
{
"id": 1,
"type": "address",
"operation": "protect",
"data": ["Place 8 Rue Nicolau", "46 avenue de la Grande Armée"],
"options":{
"dictionary": "fr"
}
},
{
"id": 2,
"type": "city",
"operation": "protect",
"data": ["Paris"]
}
]'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/multi'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = [
{
"id": 1,
"type": "address",
"operation": "protect",
"data": ["Place 8 Rue Nicolau", "46 avenue de la Grande Armée"],
"options":{
"dictionary": "fr"
}
},
{
"id": 2,
"type": "city",
"operation": "protect",
"data": ["Paris"]
}
]
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/mutli");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\", \"data\": [\n" + //
" {\n" + //
" \"id\": 1,\n" + //
" \"type\": \"address\",\n" + //
" \"operation\": \"protect\",\n" + //
" \"data\": [\"Place 8 Rue Nicolau\", \"46 avenue de la Grande Armée\"],\n" + //
" \"options\":{\n" + //
" \"dictionary\": \"fr\"\n" + //
" }\n" + //
" },\n" + //
" {\n" + //
" \"id\": 2,\n" + //
" \"type\": \"city\",\n" + //
" \"operation\": \"protect\",\n" + //
" \"data\": [\"Paris\"]\n" + //
" }\n" + //
"] }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/multi',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"data": [
{
"id": 1,
"type": "address",
"operation": "protect",
"data": ["Place 8 Rue Nicolau", "46 avenue de la Grande Armée"],
"options":{
"dictionary": "fr"
}
},
{
"id": 2,
"type": "city",
"operation": "protect",
"data": ["Paris"]
}
]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/multi"
data := strings.NewReader(`{
"operation": "protect",
"data": [
{
"id": 1,
"type": "address",
"operation": "protect",
"data": ["Place 8 Rue Nicolau", "46 avenue de la Grande Armée"],
"options":{
"dictionary": "fr"
}
},
{
"id": 2,
"type": "city",
"operation": "protect",
"data": ["Paris"]
}
]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
{
"id": "1",
"results": [
"è6HmO s 0Cq okÎHWmxÛR",
"sC ÈÂÉÉut éj Âî C1io3V 7xIoZSV"
]
},
{
"id": "2",
"results": [
"ôdnÂefp"
]
}
]
6.6 - GenAI Security Endpoints (Preview)
Automatic detection & protection of sensitive data
GenAI Security endpoints focus on automated sensitive data discovery and protection. You can detect sensitive data and choose to automatically protect the findings. Protegrity’s context-aware models are leveraged to identify sensitive data within provided input. Currently the classification can only be generated for texts in English.
This collection includes pre-release functionality and is subject to change in the future releases of the platform. We are actively iterating over this offering and welcome industry insight to help shape up the platform.
UPCOMING ENHANCEMENTS:
- Improved PII detection in sentences without punctuation
- Improved detection of emails and zipcodes provided without context
- Improved detection of account numbers in large payloads
6.6.1 - Classify (Preview)
Detect and classify sensitive data
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/ai
DESCRIPTION:
Detect and classify sensitive data in a given input. The endpoint will return a classification and confidence score for every sensitive attribute found, alongside its location – a column name or a start and end index. Confidence score returns values from 0.1 to 1. The higher the confidence score, the more the product is sure of the PII classification it produced. We recommend using the confidence score to prioritize inspection of found sensitive data.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Type of operation to perform. Choose classify to only detect and classify data. Option protect deidentifies data. Option unprotect restores de-identified data to its original values. Accepts: [ classify | protect | unprotect ]
OPTIONS:
format (required) Specify the format of the input data. Currently the API only supports the option text for unstructured text. Accepts: [ text ].
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/ai' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "classify",
"options": {
"format": "text"
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/ai'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"options": {
"format": "text",
"raw": "false"
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/ai");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"options\": {\n" + //
" \"format\": \"text\",\n" + //
" \"raw\": false\n" + //
" },\n" + //
" \"data\": [\"Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!\"]\n" + //
" }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/ai',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"options": {
"format": "text",
"raw": false
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/ai"
data := strings.NewReader(`{
"options": {
"format": "text",
"raw": false
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
{
"score": 0.85,
"classification": "PHONE_NUMBER",
"start_index": 101,
"end_index": 113
},
{
"score": 0.99,
"classification": "PERSON",
"start_index": 15,
"end_index": 29
}
]
6.6.2 - Protect (Preview)
Detect, classify, and protect sensitive data
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/ai
DESCRIPTION:
Detect, classify, and protect sensitive data in a given input. The endpoint will protect the attributes classified as sensitive with a confidence score of 0.68 or more.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Type of operation to perform. Choose classify to only detect and classify data. Option protect deidentifies data. Option unprotect restores de-identified data to its original values. Accepts: [ classify | protect | unprotect ]
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
format (required) Specify the format of the input data. Currently the API only supports the option text for unstructured text. Accepts: [ text ].
type (optional) Specify the protection mechanism. Option mask replaces all attributes with ‘*****’. Option tokenize applies a tokenization method that matches the classification of the found attribute. Accepts: [ mask | tokenize ]. Defaults to mask.
tags (optional) Specify if to include tags to mark protected attributes with their assigned classification label. Tags are required for reversing the protection. Accepts: [ true | false ]. Defaults to true.
threshold (optional) Set to the preferred confidence score threshold. Protection will be applied to attributes identified as matching or over the set threshold. Set a to numeric value. If not specified, the threshold is configured to 0.68.
eiv (optional) Provide your custom initialization vector to introduce additional variance in the output. The input may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the eiv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/ai' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"options": {
"format": "text",
"type": "mask",
"tags": false,
"threshold": 0.7
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/ai'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "protect",
"options": {
"format": "text",
"type": "mask",
"tags": False,
"threshold": 0.7
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>";
String API_Key = "<API_Key>";
URI uri = new URI("https://api.playground.protegrity.com/v1/ai");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"protect\",\n" + //
" \"options\": {\n" + //
" \"format\": \"text\",\n" + //
" \"type\": \"mask\",\n" + //
" \"tags\": \"false\",\n" + //
" \"threshold\": \"0.7\",\n" + //
" },\n" + //
" \"data\": [\"Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!\"]\n" + //
" }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/ai',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "protect",
"options": {
"format": "text",
"type": "mask",
"tags": false,
"threshold": 0.7
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/ai"
data := strings.NewReader(`{
"operation": "protect",
"options": {
"format": "text",
"type": "mask",
"tags": false,
"threshold": 0.7
},
"data": ["Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
{
"results": "Hello, this is ############## from Air Industries. Could you give me a call back to my mobile number ############. Have a lovely day!"
}
6.6.3 - Unprotect (Preview)
Re-identify protected data
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/ai
DESCRIPTION:
Unprotect sensitive data in a given input, i.e. revert previously tokenized values to their original contents. Provided text must include tags to enable this transformation.
ATTRIBUTES:
data (required) Input data to transform.
operation (required) Type of operation to perform. Choose classify to only detect and classify data. Option protect deidentifies data. Option unprotect restores de-identified data to its original values. Accepts: [ classify | protect | unprotect ]
user (optional) Choose a user to impersonate from the list of pre-configured roles.
OPTIONS:
format (required) Specify the format of the input data. Currently the API only supports the option text for unstructured text. Accepts: [ text ].
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/ai' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "unprotect",
"format": "text",
"user": "paloma.torres",
"data": ["Hello, this is [PERSON]SQnnLOQMw TEwP[/PERSON] from Air Industries. Could you give me a call back to my mobile number [PHONE_NUMBER]025-016-8606[/PHONE_NUMBER]. Have a lovely day!"]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<API_Key>"
url = 'https://api.playground.protegrity.com/v1/ai'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"operation": "unprotect",
"format": "text",
"user": "paloma.torres",
"data": ["Hello, this is [PERSON]SQnnLOQMw TEwP[/PERSON] from Air Industries. Could you give me a call back to my mobile number [PHONE_NUMBER]025-016-8606[/PHONE_NUMBER]. Have a lovely day!"]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>";
String API_Key = "<API_Key>";
URI uri = new URI("https://api.playground.protegrity.com/v1/ai");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"operation\": \"unprotect\",\n" + //
" \"options\": {\n" + //
" \"format\": \"text\",\n" + //
" \"user\": \"paloma.torres\",\n" + //
" },\n" + //
" \"data\": [\"Hello, this is [PERSON]SQnnLOQMw TEwP[/PERSON] from Air Industries. Could you give me a call back to my mobile number [PHONE_NUMBER]025-016-8606[/PHONE_NUMBER]. Have a lovely day!\"]\n" + //
" }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/ai',
{ method: 'POST',
headers: { 'x-api-key': '<API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"operation": "unprotect",
"format": "text",
"user": "paloma.torres",
"data": ["Hello, this is [PERSON]SQnnLOQMw TEwP[/PERSON] from Air Industries. Could you give me a call back to my mobile number [PHONE_NUMBER]025-016-8606[/PHONE_NUMBER]. Have a lovely day!"]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<API_Key>"
url := "https://api.playground.protegrity.com/v1/ai"
data := strings.NewReader(`{
"operation": "unprotect",
"format": "text",
"user": "paloma.torres",
"data": ["Hello, this is [PERSON]SQnnLOQMw TEwP[/PERSON] from Air Industries. Could you give me a call back to my mobile number [PHONE_NUMBER]025-016-8606[/PHONE_NUMBER]. Have a lovely day!"]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
{
"results": "Hello, this is Peregrine Grey from Air Industries. Could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"
}
6.7 - Private Endpoints
Endpoints dedicated to running PoCs
This section documents private endpoints made available on the Protegrity API Playground. The private endpoints are the low-level APIs that closely resemble the product’s functionality. The endpoints allow for more flexibility and customization than the rest of the set. There are no performance limitations imposed (other than the network lag).
Access the endpoints can be requested through your Protegrity contact (Sales Engineer, Field Engineer, or Customer Success Manager). Running the endpoints requires an additional authentication key that will be set up specifically for your organization and project.
6.7.1 - Data Protection Endpoint
De-identify sensitive data
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/private/protect
DESCRIPTION:
Protect any data. Specify the data element and user name to apply during the transformation.
ATTRIBUTES:
data (required) Input data to transform.
data_element (required) Data element to apply when transforming data. Consult the Policy Definition section for the list of supported data elements and their characteristics.
user (required) Choose a user to impersonate from the list of pre-configured roles.
encoding (optional) Type of encoding used for input (and output) data. Note that all encodings are supported for all data elements with the exception of utf8 that cannot be used with encryption data elements. Accepts: [ hex | base64 | utf8 ]. Defaults to utf8.
external_iv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the external_iv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/private/protect' \
--header 'x-api-key: <Group_API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"encoding": "utf8",
"data_element": "city",
"user": "admin",
"data": ["Phoenix"],
"external_iv": "eiv1"
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<Group_API_Key>"
url = 'https://api.playground.protegrity.com/v1/private/protect'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"encoding": "utf8",
"data_element": "city",
"user": "admin",
"data": [
"Phoenix"
],
"external_iv": "eiv1"
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<Group_API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/private/protect");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"encoding\": \"utf8\",\"data_element\": \"city\",\"user\": \"admin\",\"data\": [\"Phoenix\"],\"external_iv\": \"eiv1\" }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/private/protect',
{ method: 'POST',
headers: { 'x-api-key': '<Group_API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"encoding": "utf8",
"data_element": "city",
"user": "admin",
"data": [
"Phoenix"
],
"external_iv": "eiv1"
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<Group_API_Key>"
url := "https://api.playground.protegrity.com/v1/private/protect"
data := strings.NewReader(`{
"encoding": "utf8",
"data_element": "city",
"user": "admin",
"data": ["Phoenix"],
"external_iv": "eiv1"
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
{
"encoding": "utf8",
"results": [
"oULqaPc"
],
"success": true
}
6.7.2 - Data Unprotection Endpoint
Re-identify previously protected data
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/private/unprotect
DESCRIPTION:
Unprotect previously de-identified data, i.e. reverse it to its original state and clear any transformations. Specify the data element and user name to apply during the transformation.
ATTRIBUTES:
data (required) Input data to transform.
data_element (required) Data element to apply when transforming data. Consult the Policy Definition section for the list of supported data elements and their characteristics.
user (required) Choose a user to impersonate from the list of pre-configured roles.
encoding (optional) Type of encoding used for input (and output) data. Note that all encodings are supported for all data elements with the exception of utf8 that cannot be used with encryption data elements. Accepts: [ hex | base64 | utf8 ]. Defaults to utf8.
external_iv (optional) Provide the custom initialization vector used to protect the data. Learn more about the IVs in the Key Concepts section.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/private/unprotect' \
--header 'x-api-key: <Group_API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"encoding": "utf8",
"data_element": "city",
"user": "admin",
"data": ["oULqaPc"],
"external_iv": "eiv1"
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<Group_API_Key>"
url = 'https://api.playground.protegrity.com/v1/private/unprotect'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"encoding": "utf8",
"data_element": "city",
"user": "admin",
"data": [
"oULqaPc"
],
"external_iv": "eiv1"
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<Group_API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/private/unprotect");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"encoding\": \"utf8\",\"data_element\": \"city\",\"user\": \"admin\",\"data\": [\"oULqaPc\"],\"external_iv\": \"eiv1\" }";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/private/unprotect',
{ method: 'POST',
headers: { 'x-api-key': '<Group_API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"encoding": "utf8",
"data_element": "city",
"user": "admin",
"data": [
"oULqaPc"
],
"external_iv": "eiv1"
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<Group_API_Key>"
url := "https://api.playground.protegrity.com/v1/private/unprotect"
data := strings.NewReader(`{
"encoding": "utf8",
"data_element": "city",
"user": "admin",
"data": ["oULqaPc"],
"external_iv": "eiv1"
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
{
"encoding": "utf8",
"results": [
"Phoenix"
],
"success": true
}
6.7.3 - Data Classification Endpoint
Classify sensitive data
METHOD: POST
ENDPOINT: https://api.playground.protegrity.com/v1/private/classify
DESCRIPTION:
Detect and classify sensitive data in a given input. The endpoint will return a classification and confidence score for every sensitive attribute found, alongside its location – a column name or a start and end index. Confidence score returns values from 0.1 to 1. The higher the confidence score, the more the product is sure of the PII classification it produced. We recommend using the confidence score to prioritize inspection of found sensitive data.
The endpoint does not take any attributes and accepts plain text as payload.
HEADERS:
Content-Type (required) Format of data sent in the payload. Set to text/plain for processing unstructured text. Accepts: [ text/plain ].
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/private/classify' \
--header 'x-api-key: <Group_API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data 'Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<Group_API_Key>"
url = 'https://api.playground.protegrity.com/v1/private/classify'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<Group_API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/private/classify");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "{ \"Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!\"}";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/private/classify',
{ method: 'POST',
headers: { 'x-api-key': '<Group_API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: "Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<Group_API_Key>"
url := "https://api.playground.protegrity.com/v1/private/classify"
data := strings.NewReader(`{
"Hello, this is Peregrine Grey from Air Industries, could you give me a call back to my mobile number 212-456-7890. Have a lovely day!"
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
[
{
"classifications": {
"PHONE_NUMBER": [
{
"score": 0.7633000016212463,
"location": {
"start_index": 102,
"end_index": 114
},
"classifiers": [
{
"provider_index": 0,
"name": "PhoneRecognizer",
"score": 0.75,
"details": {}
},
{
"provider_index": 1,
"name": "roberta",
"score": 0.7766000032424927,
"details": {}
}
]
}
],
"IN_PAN": [
{
"score": 0.05,
"location": {
"start_index": 40,
"end_index": 50
},
"classifiers": [
{
"provider_index": 0,
"name": "InPanRecognizer",
"score": 0.05,
"details": {}
}
]
}
],
"PERSON": [
{
"score": 0.9955000281333923,
"location": {
"start_index": 16,
"end_index": 30
},
"classifiers": [
{
"provider_index": 1,
"name": "roberta",
"score": 0.9955000281333923,
"details": {}
}
]
}
]
}
}
]
6.7.4 - Nesting Requests
Adding structure to your requests
You can pass multiple payloads within your request to the protect and unprotect endpoints, mixing together data formats and transformation types. In order to do that, your requests need to be structured in the following manner:
TOP LEVEL ATTRIBUTES
user (required) Choose a user to impersonate from the list of pre-configured roles.
arguments (optional) A nesting element used for passing multiple protection requests as an array.
NESTED ATTRIBUTES
The following attributes have to be provided for every payload sent:
id (optional) ID or label of a single for logging purposes. It will be appended to the query_id field.
data (required) Input data to transform.
data_element (required) Data element to apply when transforming data. Consult the Policy Definition section for the list of supported data elements and their characteristics.
encoding (optional) Type of encoding used for input (and output) data. Note that all encodings are supported for all data elements with the exception of utf8 that cannot be used with encryption data elements. Accepts: [ hex | base64 | utf8 ]. Defaults to utf8.
external_iv (optional) Provide your custom initialization vector to introduce additional variance in the output. The IV may be a number, letter, special character, or a combination of those. Learn more about the IVs in the Key Concepts section. Note that to unprotect the data back to its original value, the external_iv has to be provided in the payload.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/private/protect' \
--header 'x-api-key: <Group_API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"user": "admin",
"arguments": [
{
"id": "id1",
"data_element": "city",
"data": [
"Phoenix"
]
},
{
"external_iv": "LOB_1",
"data_element": "name",
"data": [
"Ava O’Connor",
"Peregrine Wojcik"
]
}
]
}'
import requests
import json
JWT_Token = "<JWT_TOKEN>"
API_Key = "<Group_API_Key>"
url = 'https://api.playground.protegrity.com/v1/private/protect'
headers = { 'x-api-key': API_Key, 'Content-Type': 'application/json', 'Authorization': JWT_Token }
data = {
"user": "admin",
"arguments": [
{
"id": "id1",
"data_element": "city",
"data": [
"Phoenix"
]
},
{
"external_iv": "LOB_1",
"data_element": "name",
"data": [
"Ava O’Connor",
"Peregrine Wojcik"
]
}
]
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
public class APIRequest { public static void main(String[] args) {
try {
String JWT_Token = "<JWT_TOKEN>"
String API_Key = "<Group_API_Key>"
URI uri = new URI("https://api.playground.protegrity.com/v1/private/protect");
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Authorization", JWT_Token); conn.setDoOutput(true);
String jsonInputString = "\"user\": \"admin\",\"arguments\": {\"id\": \"id1\",\"data_element\": \"city\",\"data\": [ \"Phoenix\"]},{\"external_iv\": \"LOB_1\",\"data_element\": \"name\",\"data\": [\"Ava O’Connor\",\"Peregrine Wojcik\"]}";
try (OutputStream os = conn.getOutputStream()) {
byte[] input = jsonInputString.getBytes("utf-8");
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"))) {
StringBuilder response = new StringBuilder();
String responseLine = null;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
System.out.println(response.toString());
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
fetch('https://api.playground.protegrity.com/v1/private/protect',
{ method: 'POST',
headers: { 'x-api-key': '<Group_API_Key>', 'Content-Type': 'application/json', 'Authorization': '<JWT_TOKEN>' },
body: JSON.stringify({
"user": "admin",
"arguments": [
{
"id": "id1",
"data_element": "city",
"data": [
"Phoenix"
]
},
{
"external_iv": "LOB_1",
"data_element": "name",
"data": [
"Ava O’Connor",
"Peregrine Wojcik"
]
}
]
})
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
JWT_Token := "<JWT_TOKEN>"
API_Key := "<Group_API_Key>"
url := "https://api.playground.protegrity.com/v1/private/protect"
data := strings.NewReader(`{
"user": "admin",
"arguments": [
{
"id": "id1",
"data_element": "city",
"data": [
"Phoenix"
]
},
{
"external_iv": "LOB_1",
"data_element": "name",
"data": [
"Ava O’Connor",
"Peregrine Wojcik"
]
}
]
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Content-Type", "application/json")
req.Header.Set("Authorization", JWT_Token)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
SAMPLE RESPONSE
{
"results": [
{
"encoding": "utf8",
"id": "id1",
"results": [
"pGPtJxg"
],
"success": true
},
{
"encoding": "utf8",
"results": [
"otO D’vawbCO",
"JKWTkOMDK zPAgFlO"
],
"success": true
}
],
"success": true
}
6.7.5 - Data Security Policy
Data Security Policy configuration
This section describes the Policy configuration used by the API Playground. All listed data elements can be used when calling the private endpoints.
Policy Definition
Generic Data Elements
| Data Element | Method | Use Case | UTF Set | LP | PP | eIV | Role | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Admin | Finance | Marketing | HR | |||||||||||
| P | U | P | U | P | U | P | U | |||||||
| datetime | Tokenization | A date or datetime string. Formats accepted: YYYY/MM/DD HH:MM:SS and YYYY/MM/DD. Delimiters accepted: /, - (required). | N/A | N/A | N/A | No | ✓ | X | X | X | X | ✓ | X | X |
| datetime_yc | Tokenization | A date or datetime string. Formats accepted: YYYY/MM/DD HH:MM:SS and YYYY/MM/DD. Delimiters accepted: /, - (required). Leaves the year in the clear. | N/A | N/A | N/A | No | ✓ | X | X | X | X | ✓ | X | X |
| int | Tokenization | An integer string (4 bytes). | Numeric | No | No | Yes | ✓ | X | X | X | X | ✓ | X | X |
| number | Tokenization | A numeric string. May produce leading zeroes. | Numeric | No | No | Yes | ✓ | X | X | X | X | ✓ | X | X |
| string | Tokenization | An alphanumeric string. | Latin + Numeric | No | No | Yes | ✓ | X | X | X | X | ✓ | X | X |
| long_text | Encryption | A long string (e.g., a comment field) using any character set. Use hex or base64 encoding to utilize. | All | No | No | Yes | ✓ | X | X | X | X | ✓ | X | X |
PCI DSS Data Elements
| Data Element | Method | Use Case | UTF Set | LP | PP | eIV | Role | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Admin | Finance | Marketing | HR | |||||||||||
| P | U | P | U | P | U | P | U | |||||||
| ccn | Tokenization | Credit card numbers. | Numeric | No | No | Yes | ✓ | X | X | ✓ | X | X | X | X |
| ccn_bin | Tokenization | Credit card numbers. Leaves 8-digit BIN in the clear. | Numeric | No | No | Yes | ✓ | X | X | ✓ | X | X | X | X |
| iban | Tokenization | IBAN numbers. Preserves the length, case, and position of the input characters but may create invalid IBAN codes. | Latin + Numeric | Yes | Yes | No | ✓ | X | X | ✓ | X | X | X | X |
| iban_cc | Tokenization | IBAN numbers. Leaves letters in the clear. | Latin + Numeric | Yes | Yes | Yes | ✓ | X | X | ✓ | X | X | X | X |
PII Data Elements
| Data Element | Method | Use Case | UTF Set | LP | PP | eIV | Role | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Admin | Finance | Marketing | HR | |||||||||||
| P | U | P | U | P | U | P | U | |||||||
| address | Tokenization | Street names | Latin + Numeric | No | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
| city | Tokenization | Town or city name | Latin | No | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| dob | Tokenization | A date string. Formats accepted: YYYY/MM/DD and YYYY/MM/DD. Delimiters accepted: /, - (required). | N/A | N/A | No | No | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| dob_yc | Tokenization | A date string. Formats accepted: YYYY/MM/DD and YYYY/MM/DD. Delimiters accepted: /, - (required). Leaves the year in the clear. | N/A | N/A | No | No | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| Tokenization | Email address. Leaves the domain in the clear. | Latin + Numeric | No | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ | |
| nin | Tokenization | National Insurance Number. Preserves the length, case, and position of the input characters but may create invalid NIN codes. | Latin + Numeric | Yes | Yes | No | ✓ | X | X | X | X | X | X | X |
| name | Tokenization | Person's name | Latin | No | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| passport | Tokenization | Passport codes. Preserves the length, case, and position of the input characters but may create invalid passport numbers. | Latin + Numeric | Yes | Yes | No | ✓ | X | X | X | X | X | X | X |
| phone | Tokenization | Phone number. May produce leading zeroes. | Latin + Numeric | Yes | No | Yes | ✓ | X | X | X | X | X | X | X |
| postcode | Tokenization | Postal codes with digits and characters. Preserves the length, case, and position of the input characters but may create invalid post codes. | Latin + numeric | Yes | Yes | No | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| ssn | Tokenization | Social Security Number (US) | Latin + Numeric | Yes | No | Yes | ✓ | X | X | X | X | X | X | X |
| zipcode | Tokenization | Zip codes with digits only. May produce leading zeroes. | Numeric | Yes | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
PII Data Elements
| Data Element | Method | Use Case | UTF Set | LP | PP | eIV | Role | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Admin | Finance | Marketing | HR | |||||||||||
| P | U | P | U | P | U | P | U | |||||||
| address_de | Tokenization | Street names (German) | Latin + German + Numeric | No | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
| address_fr | Tokenization | Street names (French) | Latin + French + Numeric | No | No | Yes | ✓ | X | X | ✓ | X | X | X | ✓ |
| city_de | Tokenization | Town or city name (German) | Latin + German | No | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| city_fr | Tokenization | Town or city name (French) | Latin + French | No | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| name_de | Tokenization | Person's name (German) | Latin + German | No | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
| name_fr | Tokenization | Person's name (French) | Latin + French | No | No | Yes | ✓ | X | X | ✓ | X | ✓ | X | ✓ |
LEGEND
eIVExternal IVLPLength PreservationPPPosition PreservationPUser group can protect dataUUser group can unprotect data
7 - Release Notes
What’s new and what’s changed
This section contains all release notes published to date. Please note that some releases may break backwards compatibility as we continue improving the service. The release notes will highlight these changes.
Version 1.10 | April 9th, 2025
- Removed csv support from GenAI ednpoints
- Merged old_password and temp_password
Version 1.9 | February 24th, 2025
- Added private endpoints:
/private/protectand/private/unprotect - Added RBAC controls (users)
- Added eIV support
Version 1.8 | January 16th, 2025
- Added support for csv within GenAI Security endpoints (classify, protect, unprotect)
- Added a
thresholdoption for configuring a minimal confidence score when sending data for protection - Added support for parsing csv data with and without headers as
header_line - Added sensitive data detection endpoint as
/discover
Version 1.7 | December 2nd, 2025
- Added
/aiendpoints for sensitive data detection and protection
8 - Code Samples
Example library
Feel like it’s time to try things out? Check out our code samples for examples of how the Playground can be called from your environment. We are constantly updating this section and adding more content, so stay tuned.
Please note that the samples included in this section include product functionality that has been simplified for demonstration purposes and will vary from production-grade implementations.
8.1 - AWS Glue Integration
Automated data protection using Glue and the Playground
Author: Dilraj Singh
About this Sample
In this scenario we will explore the use case of automatic data discovery and protection of an unstructured text file. As data lands in S3, it will be de-identified before it is made available for future processing.
This code sample combines the powers of AWS Glue and the Protegrity’s API Playground. AWS Glue is a serverless data integration service that is widely used as an ETL tool to move data from and to AWS and non-AWS data sources. We will utilize Glue to orchestrate an ETL job comprised of picking up data received in an S3 bucket, sending it to the Playground for automatic data classification and protection, and writing it to a target output directory.
Disclaimer
Non-GA Functionality: for demonstration purposes only. Note that Protegrity GenAI Security features are currently in Preview. Protegrity releases and supports an official product, the S3 Cloud Storage Protector to protect data in S3. The product is optimized for best performance, scalability, and security. We advise using this sample only to demonstrate the functionality.Prerequisites
- Protegrity API Playground activated account
- Access to a AWS non-production account
- Access to Glue, S3, IAM, Lambda, and CloudWatch
IAM Role Setup
- Create 2 new IAM roles:
LambdaInvokeGluefor the Lambda service. The role must be able to run Glue jobs and create logs.GlueS3ReadWritefor the Glue service. The role must be able to write and read from S3 and create logs. You can use theAWSGlueServiceRolepolicy and tune it as necessary.
Lambda Setup
-
Go to AWS Lambda and create a new Lambda function. Call it:
Glue Trigger. Set the runtime to Python 3.13. Attach theLambdaInvokeGlueIAM role to the function execution. -
Once the serverless function is created, pass the following in the code source and hit deploy:
import boto3 import os def lambda_handler(event, context): JobName='GlueClassifyProtectWrite' glue_client = boto3.client('glue', region_name='us-east-1') print(event) source_bucket = event['Records'][0]['s3']['bucket']['name'] source_key = event['Records'][0]['s3']['object']['key'] if source_key.endswith('.txt'): # Pass bucket and object key to the Glue job response = glue_client.start_job_run( JobName='GlueClassifyProtectWrite', Arguments={ '--JobName' : JobName, '--source_bucket': source_bucket, '--source_key': source_key } ) return { 'statusCode': 200, 'body': f"Started Glue job with ID {response['JobRunId']}" } else: return { 'statusCode': 200, 'body': "Unsupported file format provided, ignoring." }This is the trigger definition that will start a Glue job when a text file is found in the S3 bucket.
S3 Setup
-
Create 2 buckets for this exercise. Call them anything you’d like, and to distinguish between the two, append
-inputand-outputto their names. The policy of the input S3 directory should allowGlueS3ReadWriteto write files withs3:GetObjectand the output directory should allow the role to read files withs3:PutObject. -
Set up a new event notification on the
-inputbucket. Call itTextTriggerand filter the suffix to only pick up files ending with.txt. Set the destination as theGlue TriggerLambda function.
Glue Setup
-
The final step is creating the Glue job. Open AWS Glue and create a new ETL job. Let’s call it
GlueClassifyProtectWrite(if you choose a different name, make sure to update the Lambda function). Set the type to Spark, version to Glue 5.0 and the language to Python 3. The execution role should be set to the Glue service role,GlueS3ReadWrite. You can keep the other defaults. -
In the script, paste the following code. In the next step we will update the sample to match your own environment.
import requests import boto3 import json import shutil import sys from awsglue.utils import getResolvedOptions args = getResolvedOptions(sys.argv, ['JobName', 'source_bucket', 'source_key']) # S3 Bucket and File configuration source_bucket = args['source_bucket'] source_key = args['source_key'] target_bucket = "api-playground-glue-output" target_key = source_key.replace(".txt", "-protected.txt") # Connection to S3 s3 = boto3.client('s3', region_name = "") # Playground Login logon_response = requests.post('https://api.playground.protegrity.com/auth/login', headers={'Content-Type': 'application/json'}, verify= False, json={ "email": "", "password": ""}) # Retrieve JWT Token to authenticate requests response_data = logon_response.json() JWT_TOKEN = response_data['jwt_token'] # API Playground URL API_URL = "https://api.playground.protegrity.com/v1/ai" API_KEY = "" API_VERSION = "v1" # Request headers headers = { 'Content-Type': 'application/json', 'x-api-key' : f"{API_KEY}", 'Authorization': 'Bearer ' f"{JWT_TOKEN}" } # Read function def read_bucket(source_bucket, source_key): try: # Get the file from the source bucket response = s3.get_object(Bucket=source_bucket, Key=source_key) # Get the file content (binary) file_content = response['Body'].read() print(file_content) # Assuming it's a text file, decode it to a string file_text = file_content.decode('utf-8') print(f"Successfully read the file {source_bucket}/{source_key}:") except Exception as e: print(f"Error: {e}") return file_text # Write function def write_bucket(target_bucket, target_key, file_text): try: s3.put_object(Bucket = target_bucket, Key = target_key, Body=file_text) print(f"Successfully copied {source_key} from {source_bucket} to {target_bucket}/{target_key}") except Exception as e: print(f"Error: {e}") # Classify and Protect function – Calls API Playground def classify_protect (file_text): data_json = {"operation": "protect", "options": {"type": "mask", "tags" : False, "threshold": 0.6}, "data": [f"{file_text}"]} response = requests.post(API_URL, json = data_json, headers=headers, verify= False) return response.json() # Run the job file_text = read_bucket(source_bucket, source_key) api_response = classify_protect(file_text) response_data = api_response["results"] write_bucket(target_bucket, target_key, response_data) -
Adjust the script with your environment details, specifically the lines:
- within the Connection to S3 section, provide the region of your input and output buckets, e.g.
s3 = boto3.client(‘s3’, region_name = “us-east-1”) - within the Playground Login section, specify your email and password used to authenticate with the Playground
- within the API Playground URL section, provide your API Key used to authorize your Playground requests
- Save your Glue job. We’re ready to roll!
Automatic Data Classification and Protection of Unstructured Files
This scenario showcases processing of an unstructured text file. The file contents are classified and protected entirely by the Protegrity API Playground.
-
Go to the
-inputbucket and drop there a text file that you wish to de-identify. You can use our sample or provide your own.Alexandra Rivera Address: 1258 Maplewood Drive Springfield, IL 62704 Phone: (217) 555-3927 Email: arivera82@email.com Date: March 21, 2025 To: Customer Disputes Department First Horizon Credit Bank 4801 Westlake Blvd Austin, TX 73301 Subject: Dispute of Unauthorized Credit Card Charge Dear Customer Disputes Department, I am writing to formally dispute a charge on my credit card account that I did not authorize. Cardholder Name: Alexandra Rivera Credit Card Number: 3709888761001982 Date of Charge: March 17, 2025 Amount: $198.76 Merchant Name: "TechMart Online – NY" I did not authorize this transaction and have never conducted business with the above-mentioned merchant. I became aware of this charge after reviewing my recent statement and immediately verified that neither I nor anyone with authorized access to my account made this purchase. In accordance with the Fair Credit Billing Act, I am requesting that this charge be removed from my account, that any related interest or fees be reversed, and that a corrected statement be issued as soon as possible. Please investigate this matter and notify me of the outcome. Enclosed with this letter is a copy of my most recent statement highlighting the disputed charge. I have also taken the precaution of temporarily suspending the card to prevent any further unauthorized use. Please confirm receipt of this letter and provide a timeline for the resolution of this issue. Should you require any additional information or documentation, feel free to contact me at the number or email address listed above. Thank you for your prompt attention to this matter. Sincerely, Alexandra Rivera -
The processing will take up to a minute to complete. Monitor the Glue logs to see the progress.
-
Once the job finalizes, you will see a de-identified file in your
-outputbucket. It will look akin to this:################ Address: 1258 ############### ###########, ## 62704 Phone: ############## Email: ################### Date: March 21, 2025 To: Customer Disputes Department First Horizon Credit Bank 4801 ############# ######, ## 73301 Subject: Dispute of Unauthorized Credit Card Charge Dear Customer Disputes Department, I am writing to formally dispute a charge on my credit card account that I did not authorize. Cardholder Name: ################ Account Number: ################ Credit Card Number: ################ Date of Charge: March 17, 2025 Amount: $198.76 Merchant Name: "TechMart Online – NY" I did not authorize this transaction and have never conducted business with the above-mentioned merchant. I became aware of this charge after reviewing my recent statement and immediately verified that neither I nor anyone with authorized access to my account made this purchase. In accordance with the Fair Credit Billing Act, I am requesting that this charge be removed from my account, that any related interest or fees be reversed, and that a corrected statement be issued as soon as possible. Please investigate this matter and notify me of the outcome. Enclosed with this letter is a copy of my most recent statement highlighting the disputed charge. I have also taken the precaution of temporarily suspending the card to prevent any further unauthorized use. Please confirm receipt of this letter and provide a timeline for the resolution of this issue. Should you require any additional information or documentation, feel free to contact me at the number or email address listed above. Thank you for your prompt attention to this matter. Sincerely, ################Feel free to adjust the configuration of your Glue job to set your own risk tolerance (by choosing a low or high
threshold), adding classification tags, or choosing another protection type.
Summary
Pairing AWS Glue with Protegrity is a powerful value proposition: the combination facilitates custom file uploads to the Cloud whilst achieving high security and control over what is being shared. With the flexibility of Glue and the API-first approach of the Playground (and, by extension, Protegrity), the job is automated and scalable, ensuring that the best practices of data security are embedded in your cloud platform from the get-go.
This sample can be further extended to other file formats, other target systems, and platforms. You may want to leverage a data catalog to scan and store the file metadata (recommended for structured files). You may also decide to combine this example with our other samples (such as data unprotection in Snowflake).
8.2 - Snowflake Integration
Call the Playground from your Snowflake instance
Authors: Mark Tritaris, Iwona Rajca
About this Sample
The Playground can be easily leveraged from your Snowflake environment using Snowflake’s External Network Access functionality. An external access integration allows users to write their own UDFs that access external locations, such as the Playground APIs.
Disclaimer
Non-GA Functionality: for demonstration purposes only. Protegrity recommended and supported integration pattern is through Snowflake External Functions which aligns with InfoSec’s best practices. Protegrity releases an official product, the Protegrity Snowflake Protector, for protecting data within Snowflake. The product is optimized for best performance, scalability, and security. We advise using this sample only to demonstrate the functionality.Prerequisites
- Protegrity API Playground activated account
- Access to a Snowflake (test) instance
- Ability to make external calls from Snowflake
- Snowflake grant to:
CREATE SECRET,REPLACE SECRET,CREATE SECRET,REPLACE SECRET,CREATE FUNCTION,REPLACE FUNCTION,CREATE EXTERNAL ACCESS INTEGRATION,REPLACE EXTERNAL ACCESS INTEGRATION,CREATE NETWORK RULE,REPLACE NETWORK RULE - A sample table with some sensitive (test) data that needs protecting
Snowflake Setup
- Open a new worksheet.
- Choose the authorized role to run this sample. In our case we are using the
accountadmin. - Choose the warehouse and the database to use, e.g.
USE DATABASE PROTEGRITY.
Playground Setup
-
To get any responses from the Playground, we’ll need to log in to it first. It’s recommended to create a mechanism to retrieve the JWT token from the Playground. This is not required for the integration itself but it will keep the code reusable: the Playground’s authentication token expires after 24 hours. Paste the following to your worksheet, then run it:
-- Generate a new JWT Token for the Playground CREATE OR REPLACE FUNCTION pty_login(email text, password text) RETURNS STRING LANGUAGE PYTHON RUNTIME_VERSION = 3.8 HANDLER = 'pty_login' EXTERNAL_ACCESS_INTEGRATIONS = (pty_external_access_integration) PACKAGES = ('requests', 'simplejson') AS $$ import _snowflake import simplejson as json import requests def pty_login(email, password): body = { "email": email, "password": password } url = "https://api.playground.protegrity.com/auth/login" headers = { "Content-type": "application/json" } session = requests.Session() response = session.post(url, json=body, headers=headers) response_as_json = json.loads(response.text) return response_as_json['jwt_token'] $$; -
Log in to the Playground by providing your email and password:
SELECT pty_login('YOUR_EMAIL','YOUR_PASSWORD') as jwt; -
Construct a new secret to envelop all your account information. The secret will be very handy for authenticating your requests to the API: our fuction will simply retrieve your details when needed. Provide your API Key in the
api_tokenfield and replace thejwt_tokenvalue with the token returned from the previous query.CREATE OR REPLACE SECRET pty_playground_login TYPE = GENERIC_STRING SECRET_STRING = '{ "clientName":"API Playground User", "api_token":"YOUR_API_KEY", "jwt_token": "YOUR_JWT_TOKEN"}'; -
Create a network rule that points to the Protegrity API main url, and create an external access integration that allows usage of the network rule and the secret we previously created.
-- Create a network rule to Protegrity API CREATE OR REPLACE NETWORK RULE pty_network_rule MODE = EGRESS TYPE = HOST_PORT VALUE_LIST = ('api.playground.protegrity.com'); -- Create an integration using the network rule and secret CREATE OR REPLACE EXTERNAL ACCESS INTEGRATION pty_external_access_integration ALLOWED_NETWORK_RULES = (pty_network_rule) ALLOWED_AUTHENTICATION_SECRETS = (pty_playground_login) ENABLED = true;
Data Protection in Action
It’s time we put everything together and start protecting some data.
-
Create a universal UDF to call Protegrity endpoints for protecting data. The function will accept the name of the endpoint to call, and the data to protect.
-- Create a UDF to de-identify a single value CREATE OR REPLACE FUNCTION pty_protect(endpoint text, data text) RETURNS STRING LANGUAGE PYTHON RUNTIME_VERSION = 3.8 HANDLER = 'pty_protect' EXTERNAL_ACCESS_INTEGRATIONS = (pty_external_access_integration) PACKAGES = ('requests', 'simplejson') SECRETS = ('cred' = pty_playground_login) AS $$ import _snowflake import simplejson as json import requests def pty_protect(endpoint, data): credentials = json.loads(_snowflake.get_generic_secret_string('cred'), strict=False) body = { "operation": "protect", "data": [ data ] } url = "https://api.playground.protegrity.com/v1/" + endpoint headers = { "x-api-key": credentials["api_token"], "Authorization": credentials["jwt_token"], "Content-type": "application/json" } session = requests.Session() response = session.post(url, json=body, headers=headers) response_as_json = json.loads(response.text) return response_as_json[0] $$; -
Run the UDF to make sure it’s working as expected. To protect data, you can choose any of our published data protection endpoints, for example
name:SELECT pty_protect('name','Mickey Mouse') as name;You should receive a tokenized version of Mickey’s name:
oWfepC TGEdC. At last his privacy is protected. -
You can now start protecting your data stored in Snowflake tables. Choose your test table and run a select statement, wrapping the column names in your function calls. Make sure to match the type of the data you are protecting with the appropriate tokenization type: for example, choose the
namefor first and last names, orssnfor Social Security Numbers. Try the query on a limited sample size first – you wouldn’t want to run out of your Playground credits!Example SQL query:
select pty_protect('name',first_name) as protected_first_name, pty_protect('name',last_name) as protected_last_name, pty_protect('email',email) as protected_email, pty_protect('ssn',ssn) as protected_ssn, pty_protect('iban',iban) as protected_iban, pty_protect('dob',birthday) as protected_dob from my_table limit 5;Note that the query processes each field separately, which adds to the total processing time. In a production scenario, batch processing would be recommended for achieving best performance.
Summary
That’s it! This example builds a sample integration that allows Snowflake users to protect data. You can extend this sample by building an unprotect function and incorporating different user roles. Or, creating a function that accepts options, such as dictionary for French and German.