RedactionAPI.net
Try Redaction Demo
Home
Data Types
Name Redaction Email Redaction SSN Redaction Credit Card Redaction Phone Number Redaction Medical Record Redaction
Compliance
HIPAA GDPR PCI DSS CCPA SOX
Industries
Healthcare Financial Services Legal Government Technology
Use Cases
FOIA Redaction eDiscovery Customer Support Log Redaction
Quick Links
Pricing API Documentation Login Try Redaction Demo
API Documentation - RedactionAPI.net
API DOCUMENTATION v1.0

Redaction API Reference

Integrate powerful PII detection and redaction into your applications. Our API supports 233 sensitive data types across 12 categories with enterprise-grade reliability.

POST https://api.redactionapi.net/v1/redact
233
Data Types
12
Categories
99.9%
Uptime SLA
<100ms
Avg Latency

Introduction

The RedactionAPI.net API provides a robust, enterprise-grade solution for detecting and removing Personally Identifiable Information (PII) and other sensitive data from text and documents. Built for compliance with GDPR, CCPA, HIPAA, PCI DSS, and SOX, it processes content in real-time and returns both fully redacted and masked versions.

233 Data Types

Detect PII, PHI, PCI, and proprietary data across 12 categories.

Real-Time Processing

Sub-100ms average response time for text redaction requests.

End-to-End Encryption

AES-256 encryption at rest and TLS 1.3 in transit.

Compliance Ready

GDPR, CCPA, HIPAA, PCI DSS, SOX, FERPA compliant.

Base URL: All API requests should be made to https://api.redactionapi.net/v1/. The API accepts JSON request bodies and returns JSON responses.

Authentication

All API requests require authentication via an API key. Include your key in the X-API-Key header with every request.

HTTP Header 
X-API-Key: your_api_key_here

API keys are available through our subscription plans. After subscribing, retrieve your unique API key from your dashboard.

Security Notice: Keep your API key confidential. Never expose it in client-side code, public repositories, or share it in unsecured channels. If you believe your key has been compromised, rotate it immediately from your dashboard.
Header Value Required
X-API-Key Your unique API key Required
Content-Type application/json Required

Quick Start

Get up and running with the Redaction API in three simple steps.

  1. Get Your API Key

    Sign up at redactionapi.net/pricing and retrieve your API key from the dashboard.

  2. Send Your First Request

    Make a POST request to the redaction endpoint with your text and the data types you want to detect.

  3. Process the Response

    The API returns both a fully redacted version and a masked version with labeled placeholders like [EMAIL], [SSN].

Quick Example (cURL) 
curl -X POST https://api.redactionapi.net/v1/redact \
  -H "Content-Type: application/json" \
  -H "X-API-Key: your_api_key_here" \
  -d '{
    "text": "Contact John at [email protected] or 555-123-4567",
    "types": ["EMAIL_ADDRESS", "PHONE_NUMBER", "PERSON_NAME"]
  }'

Text Redaction Endpoint

POST /v1/redact

Submit text content for PII detection and redaction. The API analyzes the text, identifies sensitive data matching the specified types, and returns both a clean (redacted) version and a masked version with labeled placeholders.

Request Body Parameters

Parameter Type Required Description
text string Required The text content to scan and redact. Maximum 100,000 characters per request.
types array Required Array of PII type keys to detect (e.g., ["EMAIL_ADDRESS", "SSN"]). See Supported Data Types.
mask_char string Optional Character used for masking. Default: #. Options: #, *, X
format string Optional Output format: structured (labeled placeholders) or mask (character replacement). Default: structured

Example Request

JSON Request Body 
{
  "text": "Employee Sarah Johnson ([email protected])\nSSN: 123-45-6789 | Phone: +1 (555) 123-4567\nCredit Card: 4111 1111 1111 1111 | CVV: 123\nIP Address: 192.168.1.42\nAWS Key: AKIA1234567890ABCDEF",
  "types": [
    "EMAIL_ADDRESS", "SSN", "PHONE_NUMBER",
    "CREDIT_CARD_NUMBER", "CVV_NUMBER",
    "IP_ADDRESS", "AWS_CREDENTIALS", "PERSON_NAME"
  ],
  "mask_char": "#"
}

Document Redaction Endpoint

POST /v1/redact/document

Upload documents (PDF, DOCX, TXT, CSV) for bulk redaction. The API processes the document, detects PII across all pages/sections, and returns a redacted version of the document.

Parameter Type Required Description
file file Required The document file to process. Supported formats: PDF, DOCX, TXT, CSV. Max size: 25MB.
types array Required Array of PII type keys to detect and redact.
output_format string Optional Output format: pdf, json, text. Default matches input format.
Multipart Upload: Document redaction uses multipart/form-data encoding. Include the types parameter as a JSON-encoded string in the form data.

Supported Data Types

Our API supports 233 sensitive data types organized across 12 categories. Use the key values below in the types array of your API requests.

Showing 233 of 233 data types

Code Examples

Production-ready integration examples for the most popular languages and tools.

Python 
import requests
import json

# Configuration
API_URL = "https://api.redactionapi.net/v1/redact"
API_KEY = "your_api_key_here"

def redact_text(text, types):
    """Redact sensitive data from text using RedactionAPI."""
    headers = {
        "Content-Type": "application/json",
        "X-API-Key": API_KEY
    }

    payload = {
        "text": text,
        "types": types,
        "mask_char": "#"
    }

    response = requests.post(API_URL, headers=headers, json=payload)
    response.raise_for_status()
    return response.json()

# Example usage
text = """Employee: Sarah Johnson ([email protected])
SSN: 123-45-6789 | Phone: +1 (555) 123-4567
Credit Card: 4111 1111 1111 1111"""

types = ["EMAIL_ADDRESS", "SSN", "PHONE_NUMBER", "CREDIT_CARD_NUMBER", "PERSON_NAME"]

result = redact_text(text, types)

print("Redacted:", result["redacted"])
print("Masked:", result["masked"])
print("Detected:", result["detected_types"])
print("Credits remaining:", result["remaining_credits"])
Node.js 
const fetch = require('node-fetch');

const API_URL = 'https://api.redactionapi.net/v1/redact';
const API_KEY = 'your_api_key_here';

async function redactText(text, types) {
  const response = await fetch(API_URL, {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'X-API-Key': API_KEY
    },
    body: JSON.stringify({
      text: text,
      types: types,
      mask_char: '#'
    })
  });

  if (!response.ok) {
    throw new Error(`API error: ${response.status}`);
  }

  return response.json();
}

// Example usage
(async () => {
  const result = await redactText(
    'Contact [email protected] or call 555-123-4567',
    ['EMAIL_ADDRESS', 'PHONE_NUMBER']
  );

  console.log('Redacted:', result.redacted);
  console.log('Masked:', result.masked);
  console.log('Credits:', result.remaining_credits);
})();
cURL 
curl -X POST https://api.redactionapi.net/v1/redact \
  -H "Content-Type: application/json" \
  -H "X-API-Key: your_api_key_here" \
  -d '{
    "text": "Employee Sarah Johnson ([email protected])\nSSN: 123-45-6789\nPhone: +1 (555) 123-4567\nCredit Card: 4111 1111 1111 1111\nIP: 192.168.1.42",
    "types": [
      "PERSON_NAME",
      "EMAIL_ADDRESS",
      "SSN",
      "PHONE_NUMBER",
      "CREDIT_CARD_NUMBER",
      "IP_ADDRESS"
    ],
    "mask_char": "#"
  }'
PHP 
<?php

$apiUrl = 'https://api.redactionapi.net/v1/redact';
$apiKey = 'your_api_key_here';

$payload = json_encode([
    'text'  => 'Contact [email protected], SSN: 123-45-6789',
    'types' => ['EMAIL_ADDRESS', 'SSN', 'PHONE_NUMBER'],
    'mask_char' => '#'
]);

$ch = curl_init($apiUrl);
curl_setopt_array($ch, [
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_POST           => true,
    CURLOPT_POSTFIELDS     => $payload,
    CURLOPT_HTTPHEADER     => [
        'Content-Type: application/json',
        'X-API-Key: ' . $apiKey
    ]
]);

$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

if ($httpCode === 200) {
    $result = json_decode($response, true);
    echo "Redacted: " . $result['redacted'] . "\n";
    echo "Masked: " . $result['masked'] . "\n";
    echo "Credits: " . $result['remaining_credits'] . "\n";
} else {
    echo "Error: HTTP " . $httpCode . "\n";
}

?>
Java 
import java.net.http.*;
import java.net.URI;

public class RedactionApiExample {

    private static final String API_URL = "https://api.redactionapi.net/v1/redact";
    private static final String API_KEY = "your_api_key_here";

    public static void main(String[] args) throws Exception {

        String jsonBody = """
            {
              "text": "Contact [email protected], SSN: 123-45-6789",
              "types": ["EMAIL_ADDRESS", "SSN", "PHONE_NUMBER"],
              "mask_char": "#"
            }
            """;

        HttpClient client = HttpClient.newHttpClient();

        HttpRequest request = HttpRequest.newBuilder()
            .uri(URI.create(API_URL))
            .header("Content-Type", "application/json")
            .header("X-API-Key", API_KEY)
            .POST(HttpRequest.BodyPublishers.ofString(jsonBody))
            .build();

        HttpResponse<String> response = client.send(
            request, HttpResponse.BodyHandlers.ofString()
        );

        System.out.println("Status: " + response.statusCode());
        System.out.println("Body: " + response.body());
    }
}

Response Format

All successful requests return a JSON object with the following structure:

JSON Response (200 OK) 
{
  "status": 200,
  "redacted": "Employee  ()\nSSN:  | Phone: \nCredit Card:  | CVV: \nIP: ",
  "masked": "Employee [PERSON_NAME] ([EMAIL_ADDRESS])\nSSN: [SSN] | Phone: [PHONE_NUMBER]\nCredit Card: [CREDIT_CARD_NUMBER] | CVV: [CVV_NUMBER]\nIP: [IP_ADDRESS]",
  "detected_types": [
    "PERSON_NAME",
    "EMAIL_ADDRESS",
    "SSN",
    "PHONE_NUMBER",
    "CREDIT_CARD_NUMBER",
    "CVV_NUMBER",
    "IP_ADDRESS"
  ],
  "total_credits": 100000,
  "remaining_credits": 99985,
  "processing_time_ms": 142
}

Response Fields

Field Type Description
status integer HTTP status code. 200 indicates success.
redacted string Text with all detected PII completely removed.
masked string Text with PII replaced by labeled placeholders (e.g., [EMAIL_ADDRESS]).
detected_types array List of PII type keys that were detected in the text.
total_credits integer Total API credits in your plan.
remaining_credits integer Remaining API credits after this request.
processing_time_ms integer Server-side processing time in milliseconds.

Error Handling

The API uses standard HTTP status codes. Error responses include a JSON body with details about the issue.

Error Response Example 
{
  "status": 401,
  "error": "invalid_api_key",
  "message": "The provided API key is invalid or has been revoked."
}

HTTP Status Codes

Status Meaning Description
200 Success Request processed successfully. Response contains redacted output.
400 Bad Request Invalid request body, missing required parameters, or malformed JSON.
401 Unauthorized Missing or invalid X-API-Key header.
403 Forbidden API key is valid but credits have been exhausted. Upgrade your plan.
422 Unprocessable Entity Valid JSON but semantically incorrect (e.g., unknown type keys).
429 Too Many Requests Rate limit exceeded. See Rate Limits below.
500 Server Error Internal server error. Retry after a short delay or contact support.
Retry Strategy: For 429 and 500 errors, implement exponential backoff. Start with a 1-second delay, doubling on each retry up to a maximum of 5 retries.

Rate Limits

Rate limits depend on your subscription plan. Exceeding the limit returns a 429 Too Many Requests response.

Plan Requests / Minute Requests / Day Max Text Size
Starter 60 10,000 25,000 chars
Professional 300 100,000 50,000 chars
Enterprise 1,000 Unlimited 100,000 chars

Rate limit information is included in response headers:

Rate Limit Headers 
X-RateLimit-Limit: 300
X-RateLimit-Remaining: 287
X-RateLimit-Reset: 1707350400
Credit Monitoring: Every API response includes your total_credits and remaining_credits so you can track usage in real-time. Set up alerts in your dashboard to get notified before running low.