POST /api/v1/deidentify/text
De-identifies a text string using MASKED or PROPRIETARY (Guardian Layer) mode.
:::warning Coming soon
GDPR, HIPAA, and CUSTOM modes are not yet publicly released and will be available in a future update.
:::
Request
POST /api/v1/deidentify/text
X-API-Key: cai_your_key_here
Content-Type: application/json
Body
{
"text": "Call Sarah at (415) 555-0123 or email sarah@example.com.",
"compliance_mode": "MASKED",
"domain": "General"
}
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
text | string | Yes | — | The text to de-identify |
compliance_mode | string | Yes | — | MASKED or PROPRIETARY (Guardian Layer). GDPR, HIPAA, CUSTOM coming soon |
domain | string | No | "General" | General, Medical, Finance, or Custom. Used with PROPRIETARY mode |
replacements | object | No | null | Optional replacement map {original: replacement} for use with PROPRIETARY mode |
Response 200 OK
{
"output_text": "Call S**** at (***) ***-**** or email s***@example.com.",
"original_text": "Call Sarah at (415) 555-0123 or email sarah@example.com.",
"mode": "MASKED",
"meta": {
"plan_name": "professional"
},
"spans": [
{"start": 5, "end": 10, "label": "PERSON"},
{"start": 14, "end": 28, "label": "PHONE_NUMBER"},
{"start": 38, "end": 55, "label": "EMAIL_ADDRESS"}
],
"analysis": null
}
| Field | Type | Description |
|---|---|---|
output_text | string | The de-identified text |
original_text | string | The original input text |
mode | string | The compliance mode used |
meta | object | Request metadata including plan name |
spans | array | Entity spans detected (position, label). May be null for some modes |
analysis | object | Returned when compliance_mode is PROPRIETARY and no replacements were supplied. Contains the same fields as the /analyze/text/proprietary response |
Examples
MASKED
import requests
requests.post(
"https://api.custodianai.com/api/v1/deidentify/text",
headers={"X-API-Key": "cai_your_key_here"},
json={"text": "Email me at jane@acme.com", "compliance_mode": "MASKED"},
).json()
# {"output_text": "Email me at *************", ...}
PROPRIETARY — Guardian Layer
requests.post(
"https://api.custodianai.com/api/v1/deidentify/text",
headers={"X-API-Key": "cai_your_key_here"},
json={
"text": "The Meridian account exceeded Q3 targets.",
"compliance_mode": "PROPRIETARY",
"domain": "Finance",
},
).json()
When compliance_mode is PROPRIETARY and no replacements are provided, the analysis field in the response contains the detected sensitive words and suggestions.
Error responses
| Status | Description |
|---|---|
401 | Missing or invalid API key |
403 | Key expired or character limit reached |
422 | Missing required fields or invalid compliance_mode |