This is the multi-page printable view of this section. Click here to print.
This section groups together useful resources for getting started with the Playground: the initial setup and step-by-step guides that walk you through the registration, your IDE setup and a handful of examples of how to interact with the platform.
New to the Playground? Perform the following steps and start using our APIs:
Before you can start using Protegrity API Playground, you need to register using the form on the official API Playground webpage. Once successful, you will receive an email from us with your unique API Key and the temporary password.
Registered already? Your first stop should be the user management section for setting your unique password – and then you’re good to go!
If you’re a first-time user you may want to take a look at one of our Getting Started guides. So far we have published them for Postman and VS Studio Code – REST.
For organizations handling sensitive data, finding a secure and efficient way to test data protection solutions is crucial. The Protegrity API Playground offers a straightforward way to test Protegrity’s data protection features. The Playground grants you 10,000 API requests after registration to use as you see fit: protecting names, addresses, credit card numbers – or any other data your organization considers secure. This guide will walk you through the setup process and show you sample API calls. And for those who prefer to skip the reading, check out our video guides: Registration & Setup or Using the API.
The best way to start with the Playground is to use our preconfigured Postman collection: import it into Postman, and you are good to go. This guide will leverage the collection to show you the login process and how to use the API. This is no precondition to accessing the Playground: you can use the code samples from the webpage and an IDE of your choice.
To register with Protegrity API Playground, fill out the form on the API Playground landing page. The information you provide is collected for user management and analytics. It is protected with Protegrity’s technology, ensuring that only authorized team members can view it in clear text. We are drinking our own champagne – it would be unwise not to!
Registration with Protegrity API Playground is straightforward
Once registered, you will receive an email from us. It will include your temporary password and your API key. Note: You will need both to make any calls to the Playground.
Welcome Email with your temporary password and API key
As a first-time user, you will need to update your password. Choose a secure password (8 characters long, to include a unique character, a lowercase letter, an uppercase letter, and a number) and send it to the /change-password endpoint.
Change password – required for first-time users!
In return, you will receive a JWT Token. The token, alongside your API Key is your means of authorization. All data transformation requests going to the Playground require those elements.
The JWT Token expires every 24 hours. To renew it, go to the /login endpoint, and we will issue a new one.
Login to receive your JWT token
Consider saving your JWT Token and the API Key as environment variables for convenience. If you use our preconfigured Postman collection, you can store them in the variables section. This will ensure that they are sent alongside every request and save you some tedious work of providing them with every call.
Setting environment variables in Postman
Now that’s done you’re all set! Let the API Playground be your oyster.
Protegrity API Playground exposes a curated selection of endpoints for data protection: you can use them to secure any PII, PCI, or otherwise sensitive information. The predefined endpoints include names, addresses, zip codes, credit card numbers, social security numbers, and more.
Protegrity’s Vaultless Tokenization is renowned for its high configurability. The Playground lets you experiment with some of its flagship capabilities: length-, language-, position-, and case-preservation. This means that if you pass French strings to the API, you will receive a token that carries French characters. Numeric zip codes are length-preserving, meaning that a 5-digit input will produce a 5-digit output. Postcodes, i.e., codes that mix digits and characters, are even more advanced: you will keep their original length, position, and case in the received token. This is a very different approach to encryption, where the cyphertext resulting from the cryptographic function does not match the input domain and requires the developer to change the application to accommodate it.
A full list of available endpoints and their properties is available in the Using the API section. Let’s play around with some of them to give you an idea of what the Playground can offer.
We have hand-picked some protection endpoints that are representative of what you can expect from the Playground – and Protegrity’s platform.
Most of our clients choose to protect their customers’ names. Let’s construct a request to the /name endpoint to secure the name of the King of England: Charles Mountbatten-Windsor.
The operation should be set to protect: this is how you will instruct the API what to do.
Paste the King’s name in the data and send the request.
Protecting the King’s name
And poof! The King is no longer a known person (in your records). Note that the /name endpoint does not support any text feature preservation (length, case, or position), as there is rarely any business case to do so. You will also notice that something interesting has happened: the separator within the King’s surname was not removed. This is because this tokenization element only acts on letters. Everything else is returned as-is.
You can now pass the protected string into the request and switch the operation to unprotect. This will return the King’s name.
Unprotecting the King’s name
The /name endpoint offers language preservation for German and French characters. To switch it on, provide a dictionary as an option and set it to your preferred language.
Setting French as the dictionary
Date of birth is another attribute commonly considered as PII. If you provide it with a date, it will return its secured version in that same format. You can also decide to leave the year in the clear. Often, an entire date of birth is considered a sensitive attribute, however a year on its own is acceptable to be left in the clear.
Here’s a sample request issued to /dob endpoint that demonstrates this feature:
Protecting dates of birth
Leaving your customer’s credit card numbers unprotected is a sure way to anger auditors, lose customer trust, and get into trouble. CCN is the core piece of data to secure – if you’re unsure what should be your priority, this is it.
When calling the /ccn endpoint, you can decide to protect the entire credit card string or leave the 8-digit BIN in the clear:
Protecting credit card numbers
Now that you have a good grasp of how our API Playground works, you can take it up a notch and protect (and unprotect) multiple data types at once. To do that, use the /multi endpoint. Specify the operation type, the data type, and options for each data point. Refer to the description of each data type (endpoint) to see all options available.
Here’s an example protection request of an address in Paris:
Multi-type request
The Protegrity API Playground offers a practical and essential entry point to test, evaluate, and refine data protection strategies within a secure environment, allowing teams to see if Protegrity is the right fit for their data privacy needs. Register today to start safeguarding your sensitive data, one API request at a time.
The Protegrity API Playground offers an easy way to test Protegrity’s data protection features. It comes with a pre-configured HTTP requests file that can be used in Visual Studio Code with the REST Client extension.
This is an addendum to the Postman guide. Please read that blog post first to learn how to register and how to use the Protegrity API Playground.
Follow the official documentation on how to add the REST Client extension in Visual Studio Code.
The best way to start with the Protegrity Playground in Visual Studio Code is to use our preconfigured HTTP requests collection file: get it from our Downloads section and open it in Visual Studio Code.
The HTTP request file starts with the definition of some variables.
@api_token = changeme
@api_url = api.playground.protegrity.com
@api_version = v1
@jwt_token = changeme
@api_auth = auth
These variables will be used to construct the Playground’s URI and populate your authentication information.
Change the @api_token to the value you received in your welcome email.
You’ll get the jwt_token only after your first login.
Since the JWT token is only valid for 24 hours and changes with a following login here’s a tip how you can set it automatically after each login.
The first request in the file is the user login.
Add two lines to set the @jwt_token variable after each execution of the login request like in the following example:
# @name User_Login
POST https://{{api_url}}/{{api_auth}}/login
Authorization: {{jwt_token}}
Content-Type: application/json
{
"email": "<YOUR_EMAIL>",
"password": "<YOUR_PASSWORD>"
}
###
@jwt_token = {{User_Login.response.body.jwt_token}}
The API Playground is an evergreen project: we are rolling out updates and new features every couple of months.