Protegrity API Playground
Protegrity API Playground is a free to use platform that allows you to try out the core functionality of Protegrity data security suite: data protection and unprotection. Protegrity patented Vaultless Tokenization is the foundation of the service, securing the data while preserving its analytical utility. Data you send to the API is tokenized in a format, language, and length preserving manner. Every time you send a specific data point to the API, that data point will be protected the same way, i.e. “New York” will always be tokenized to “xYs fpsE”, etc. The API allows for data retrieval to its original form, i.e. data unprotection.
Note that the Protegrity API Playground supports functionality testing only and should only be used with synthetic data. Performance has been limited by design (see the Usage & Limitations section). Please get in touch with the Sales team if you would like to inquire about the full Protegrity offering.
Getting Started
Before you can start using Protegrity API Playground, you need to register using the form on the top of this page. Once successful, you will receive an email from us with your unique API Key and the temporary password. Registered already? Delve into our documentation to learn more about the API Playground capabilities. Download our pre-configured Postman Collection below to get a jump start with the API.
Key Concepts
Data Security
A process of data de-identification that removes sensitivity from the original data in order to render it worthless in unauthorized hands. Data Security is commonly implemented through tokenization, encryption, FPE, hashing, and masking.
Tokenization
Data tokenization is a reversible method of data protection. In tokenization, sensitive data is substituted with a randomly generated surrogate value known as a token. Generated token may be configured to be format, length, and language-preserving. Additional controls, such as adhering to a date range or passing the Luhn check are available. Tokenization is the most popular data protection method among Protegrity’s clients. Learn more about Protegrity Vaultless Tokenization.
Encryption
Encryption is an alternative method of reversible data protection. It uses mathematical algorithms and cryptographic keys to change data into “binary ciphertext,” rendering the encrypted data unreadable and unusable. To access the original data, a user needs to present an encryption key, which reverses the encryption process and unlocks the data.
External IV Coming Soon
A user-defined input added to a tokenization request used to differentiate generated tokens from the same initial value.
Usage & Limitations
To ensure fair use of the API service, we enforce rate limits on API requests.
These limits are:
- Request Rate: 50 per second
- Burst: up to 100
- Quota: 10,000 requests per user
- Max. Payload size: 1MB
Headers
Every request should carry the following headers:
x-api-key (required)
Your unique API Key. Received after a successful sign-up.
Authorization (required)
A JWT token for the session. Obtained by running the Login and Change Password endpoints.
Content-Type (required)
Set to application/json.
Authentication
Protegrity API Playground uses an API Key and a JWT token for request authorization. You will receive your unique API Key as part of the registration process. This section documents how to obtain a JWT token.
To confirm and activate your account you need to first set a new password, using the credentials received via email. The video below describes this process.
Login
METHOD: POST
https://api.playground.protegrity.com/v1/login
Log in to the service using your API Key and password and obtain a JWT token for request authentication. A JWT token is valid for 24 hours. Rerun the endpoint to request a new token.
Note: If you are logging in for the first time, start with the Set Password endpoint.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/auth \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "<USER_EMAIL>",
"password": "<USER_PASSWORD>"
}'
SAMPLE RESPONSE
{
"statusCode": 201,
"message": "Login successful",
"jwt_token":"eyJraWQiOiI4T2pkOXlCWnlhMGYyVnZxRmRTblowN1ZnUEp6SHpTWFY5XC9xWXhvVTJWMD0iLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4NDU4ZDQ2OC02MDIxLTcwMzktMTYzZi0zZGU4ZDZjMGE1ODgiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29t"
}
Set Password
METHOD: POST
https://api.playground.protegrity.com/v1/auth/change-password
Set your password and obtain a JWT token for request authentication. This is a dedicated endpoint for the users creating their password for the first time and requires the temporary password provided during the registration.
Note: Your new password should be at least 8 characters long, include a special character, a lowercase letter, an uppercase letter, and a number.
curl --location 'https://api.playground.protegrity.com/v1/auth/change-password \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "<USER_EMAIL>",
"temp_password": "<TEMP_PASSWORD>",
"new_password": "<NEW_PASSWORD>"
}'
SAMPLE RESPONSE
{
"statusCode": 201,
"message": "Password change successful",
"jwt_token":"eyJraWQiOiI4T2pkOXlCWnlhMGYyVnZxRmRTblowN1ZnUEp6SHpTWFY5XC9xWXhvVTJWMD0iLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4NDU4ZDQ2OC02MDIxLTcwMzktMTYzZi0zZGU4ZDZjMGE1ODgiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29t"
}
Change Password
METHOD: POST
https://api.playground.protegrity.com/v1/auth/change-password
Change your password.
Note: Your new password should be at least 8 characters long, include a special character, a lowercase letter, an uppercase letter, and a number.
curl --location 'https://api.playground.protegrity.com/v1/auth/change-password \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "<USER_EMAIL>",
"old_password": "<OLD_PASSWORD>",
"new_password": "<NEW_PASSWORD>"
}'
SAMPLE RESPONSE
{
"statusCode": 201,
"message": "Password change successful"
}
Data Protection Endpoints
Protegrity API Playground exposes a curated selection of endpoints for data protection: you can use them to secure any PII and PCI information. The predefined endpoints include names, addresses, numbers, Credit Card Numbers, Social Security Numbers, and more. Format, length and language preservation are supported.
Available endpoints:
- Name (PII)
- Address (PII)
- City (PII)
- Postcode (PII)
- Zipcode (PII)
- Phone (PII)
- Email (PII)
- Date of birth (PII)
- National Insurance Number (PII)
- Social Security Number (PII)
- Credit Card Number (PCI DSS)
- Passport (PII)
- IBAN (PII)
- Datetime
- Number
- String
- Text
- Multi-type
This collection is a subset of Protegrity functions available in the full version of the product.
Name (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/name
Protect or unprotect a person’s name. The received token is not length-preserving.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
dictionary (optional)
Specify the Unicode domain of the input and output values. Option en covers all characters within the Basic Latin block of the Unicode standard (range U+0000..U+007F). Options de and fr extend that coverage to include German and French characters, respectively. Accepts: [ en | de | fr ]. Defaults to en.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/name' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["Joe Bloggs", "Jim Handson"],
"options": {
"dictionary": "latin"
}
}'
SAMPLE RESPONSE
{
[
"Txf DkmhjB",
"QXe AaXTZfb"
]
}
Address (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/address
Protect or unprotect an address. The received token is not length-preserving.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
dictionary (optional)
Specify the Unicode domain of the input and output values. Option en covers all characters within the Basic Latin block of the Unicode standard (range U+0000..U+007F). Options de and fr extend that coverage to include German and French characters, respectively. Accepts: [ en | de | fr ]. Defaults to en.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/address' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["77 Boulevard Saint-Jacques", "46 avenue de la Grande Armée"],
"options": {
"dictionary": "fr"
}
}'
SAMPLE RESPONSE
{
[
"3u CG5itJTNu KJStq-galulig",
"Gr AY5iAK k1 n8 LvIx74 ewBék"
]
}
City (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/city
Protect or unprotect a town or city. The received token is not length-preserving.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
dictionary (optional)
Specify the Unicode domain of the input and output values. Option en covers all characters within the Basic Latin block of the Unicode standard (range U+0000..U+007F). Options de and fr extend that coverage to include German and French characters, respectively. Accepts: [ en | de | fr ]. Defaults to en.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/city' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["Berlin", "München"],
"options": {
"dictionary": "de"
}
}'
SAMPLE RESPONSE
{
[
"hjsöIO",
"YAßiaoP"
]
}
Postcode (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/postcode
Protect or unprotect a postal code with digits and chatacters. The received token is case-, length-, and position-preserving but may create invalid postal codes (e.g., restricted letters).
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
dictionary (optional)
Specify the Unicode domain of the input and output values. Option en covers all characters within the Basic Latin block of the Unicode standard (range U+0000..U+007F). Options de and fr extend that coverage to include German and French characters, respectively. Accepts: [ en | de | fr ]. Defaults to en.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/postcode' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["WX90GA", "SW700"]
}'
SAMPLE RESPONSE
{
[
"AD12TT",
"II867"
]
}
Zipcode (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/zipcode
Protect or unprotect a postal code with digits only. The received token is length-preserving. The method may produce leading zeroes and invalid zipcodes (e.g., restricted digits).
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
dictionary (optional)
Specify the Unicode domain of the input and output values. Option en covers all characters within the Basic Latin block of the Unicode standard (range U+0000..U+007F). Options de and fr extend that coverage to include German and French characters, respectively. Accepts: [ en | de | fr ]. Defaults to en.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/zipcode' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["29017", "28100"]
}'
SAMPLE RESPONSE
{
[
"00891",
"67996"
]
}
Phone (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/phone
Protect or unprotect a phone number. The received token is length-preserving. May return leading zeroes.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/phone' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["63098109","120-99-02-10"]
}
}'
SAMPLE RESPONSE
{
[
"81176289",
"425-44-65-10"
]
}
Email (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/email
Protect or unprotect an email address. The received token is not length-preserving. The domain is returned in the clear.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/email' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["ava.mcconnor@acme.corp","wren@business.com"]
}
}'
SAMPLE RESPONSE
{
[
"d3E.ui2sOks@acme.corp",
"6KOe@business.com"
]
}
Date of Birth (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/dob
Protect or unprotect a date of birth. The endpoint accepts partial DOB protection, i.e., leaving the year value in the clear. Supported date format: YYYY/MM/DD. Supported delimiters: /, ., and -.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
year (optional)
Set to true to leave the year in the clear. Must be set to true when unprotecting the string tokenized using this option. Accepts: [ true | false ]. Defaults to false.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/dob' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["1980/12/10", "1965/01/27"],
"options": {
"year": "true"
}
}'
SAMPLE RESPONSE
{
[
"1980/03/24",
"1965/08/11"
]
}
National Insurance Number (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/nin
Protect or unprotect a National Insurance Number (UK). The returned NIN is case-, length- and position-preserving, i.e., generated letters and numbers will adhere to their original position. Note that some NIN logic, i.e. restricted letters, is not preserved.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/nin' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["QQ123456A","KT902281F"]
}
}'
SAMPLE RESPONSE
{
[
"CD196371K",
"OO918451S"
]
}
Social Security Number (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/ssn
Protect or unprotect a Social Security Number (US). The returned SSN is length- and format-preserving. Note that some SSN logic, i.e. restricted numbers within digit groups, is not preserved.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/ssn' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["782-01-2930","291-44-5983"]
}
}'
SAMPLE RESPONSE
{
[
"399-03-3685",
"389-71-6451"
]
}
Credit Card Number (PCI DSS)
METHOD: POST
https://api.playground.protegrity.com/v1/ccn
Protect or unprotect a Credit Card Number. The returned CCN is not length-preserving. The endpoint accepts partial CCN protection, i.e. leaving the 8-digit BIN in the clear.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
bin (optional)
Set to true to leave the 8-digit BIN number in the clear. Must be set to true when unprotecting the string tokenized using this option. Accepts: [ true | false ]. Defaults to false.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/ccn' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["4321567898765432","2376876534560987"],
"options": {
"bin": false
}
}'
SAMPLE RESPONSE
{
[
"0449999816792240",
"6683962881463918"
]
}
Passport (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/passport
Protect or unprotect a passport number. The returned passport number is case-, length- and position-preserving (i.e., generated letters and numbers will adhere to their original position). Note that some passport logic, i.e. restricted letters, is not preserved.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/passport' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["FA039020112","CBR90110244"]
}'
SAMPLE RESPONSE
{
[
"IN890183422",
"GFR67102933"
]
}
IBAN (PII)
METHOD: POST
https://api.playground.protegrity.com/v1/iban
Protect or unprotect an Internation Banking Account Number. The returned IBAN is case-, length- and position-preserving. Note that some IBAN logic, i.e., producing valid country codes or a checksum validation, is not supported. The endpoint accepts partial IBAN protection, i.e., leaving the letters in the clear.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
alpha (optional)
Set to true to leave the letters in the clear. Must be set to clear when unprotecting the string tokenized using this option. Accepts: [ true | false ]. Defaults to false.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/iban' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["NO8330001234567","QA54QNBA000000000000693123456"],
"options": {
"alpha": true
}
}'
SAMPLE RESPONSE
{
[
"NO0980006979071",
"QA13QNBA128618782491645358717"
]
}
String
METHOD: POST
https://api.playground.protegrity.com/v1/string
Protect or unprotect a string. Maximum length of the string is 128 characters. The returned string is not length-preserving neither case-preserving.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/string' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["hello","world"]
}
}'
SAMPLE RESPONSE
{
[
"UkosA",
"okPPwa"
]
}
Number
METHOD: POST
https://api.playground.protegrity.com/v1/number
Protect or unprotect a number. The returned number is length-preserving. The endpoint might generate numbers with leading zeros.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/number' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["123654","987654"]
}
}'
SAMPLE RESPONSE
{
[
"034539",
"101012"
]
}
Text
METHOD: POST
https://api.playground.protegrity.com/v1/text
Protect or unprotect sample text using encryption. Received text must be hex encoded. The returned value is hex encoded. There is no limitation on the text’s length however payload limits apply.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/text' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["48656c6c6f20576f726c640a"]
}
}'
SAMPLE RESPONSE
{
[
"E616C7B0762E28A32E0FABF4BC403C8D"
]
}
Datetime
METHOD: POST
https://api.playground.protegrity.com/v1/datetime
Protect or unprotect a datetime string The endpoint accepts partial timestamp protection, i.e., leaving the year value in the clear. Supported formats: YYYY/MM/DD and YYYY/MM/DD HH:MM:SS. Supported delimiters: /, -, .; space or T are supported between date and time.
ATTRIBUTES
operation (required)
Specify if to protect or unprotect data. Accepts: [ protect | unprotect ]
year (optional)
Set to true to leave the year in the clear. Must be set to true when unprotecting the string tokenized using this option. Accepts: [ true | false ]. Defaults to false.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/datetime' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '{
"operation": "protect",
"data": ["1980/12/10 14:12:01", "1965/01/27"],
"options": {
"year": "true"
}
}'
SAMPLE RESPONSE
{
[
"1980/03/24 03:19:45",
"1965/08/11"
]
}
Multi-type
METHOD: POST
https://api.playground.protegrity.com/v1/multi
Protect or unprotect various attributes within a payload. Please refer to the specific payload type descriptions to see available options.
SAMPLE REQUEST
curl --location 'https://api.playground.protegrity.com/v1/multi' \
--header 'x-api-key: <API_Key>' \
--header 'Content-Type: application/json' \
--header 'Authorization: <JWT_TOKEN>' \
--data '[
{
"type": "address",
"operation": "protect",
"data": ["Place 8 Rue Nicolau"],
"options":{
"dictionary": "fr"
}
},
{
"type": "zipcode",
"operation": "protect",
"data": ["7500"]
}
]'
SAMPLE RESPONSE
[
[
"AÿÊal û êkU œ5cùy0a7y"
],
[
"85134"
]
]