Help Center/ Data Security Center/ API Reference/ API Description/ Dynamic Data Masking/ Masking Sensitive Data
Updated on 2023-12-07 GMT+08:00
View PDF

Masking Sensitive Data

Function

This API is used to mask sensitive data.

URI

POST /v1/{project_id}/data/mask

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).
Table 3 Request body parameters

Parameter

Mandatory

Type

Description

mask_strategies

Yes

Array of MaskStrategies objects

List of sensitive data masking policies. The number of masking policies in a list cannot exceed 100. Each policy corresponds to a field.

data

Yes

Array of Map<String,Object> objects

Data list
Table 4 MaskStrategies

Parameter

Mandatory

Type

Description

name

Yes

String

Field name, which can contain a maximum of 256 characters.

algorithm

Yes

String

Name of a sensitive data masking algorithm. For details, see "Configuring a Dynamic Sensitive Data Masking Policy" in the appendix.

Enumeration values:

  • SHA256

  • SHA512

  • AES

  • PRESNM

  • MASKNM

  • PRESXY

  • MASKXY

  • SYMBOL

  • KEYWORD

  • NUMERIC

parameters

No

Map<String,Object>

Name of a sensitive data masking algorithm. For details, see "Dynamically Configuring a Sensitive Data Masking Policy" in the appendix.

Response Parameters

Status code: 200

Table 5 Response body parameters

Parameter

Type

Description

masked_data

Array of Map<String,Object> objects

List of masked data. The data structure is the same as that in the request.

Status code: 400

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error Code

error_msg

String

Error Message

Example Requests

Specify in the masking policy list to use the KEYWORD masking algorithm to mask the "col" field by replacing the specified keyword with "target".

POST https://{endpoint}/v1/{project_id}/data/mask

{
  "mask_strategies" : {
    "name" : "col",
    "algorithm" : "KEYWORD",
    "parameters" : {
      "key" : "keyword",
      "target" : "target"
    }
  },
  "data" : {
    "col" : "keyword"
  }
}

Example Responses

Status code: 200

Sensitive data masked.

{
  "masked_data" : [ {
    "col" : "target"
  } ]
}

Status code: 400

Invalid request.

{
  "error_code" : "DSC.00000004",
  "error_msg" : "Invalid parameter"
}

Status Codes

Status Code

Description

200

Sensitive data masked.

400

Invalid request.

Error Codes

See Error Codes.

Parent topic: Dynamic Data Masking