PII API · Detect + Redact · OAuth 2.0 + JWT

PII API — Detect and Redact PII Before It Reaches Your AI

A REST PII API for engineers building AI features on real user data. PortEden fetches from email, drive, calendar, and SharePoint and returns it already redacted, so SSNs, PHI, account numbers, and secrets never reach the model, your logs, or a third-party processor.


Free tier · No credit card required

Maps to: SOC 2, GDPR, HIPAA, CCPA, EU AI Act

Five-Minute Quickstart

One Call In. Redacted Data Out.

quickstart.sh
# Generate an API key from your dashboard at my.porteden.com,
# or run `porteden auth login` to mint one via the browser flow.
export PE_API_KEY=pe_k1_...
# Read the inbox. PortEden detects and redacts PII before the response is built,
# so the body you receive has SSNs, cards, and secrets already stripped.
# The URL is quoted so the shell does not treat "?" as a glob character.
curl "https://api.porteden.com/api/access/email/messages?q=invoice" \
  -H "Authorization: Bearer $PE_API_KEY"
# => "Body: \"SSN ███-██-████ ... Acct: ████-████-████\""
# Every detection and redaction is recorded in the audit log.
Full reference, including every endpoint and the redaction categories: see the API reference.

The Risk

What Goes Wrong Without PortEden

Your AI Pipeline Ships Raw PII to a Third-Party Model

You wired a mailbox or a database into a prompt. Every SSN, customer record, and credential in that data now flows to an external model in the clear. A PII API that runs after the fact cannot help: the exposure already happened.

Detection-Only APIs Leave You Holding the Raw Data

Many PII APIs take text and return a list of entities. You still fetched the raw data, you still have to redact it, and you still store the original somewhere. The sensitive copy never stopped existing in your perimeter.

You're Rebuilding Detection With Regex

Patterns for SSNs, allow-lists for domains, a half-trusted internal classifier. It misses the unstructured PII in free text, has no audit, and becomes a quarter of engineering time that is not your product.

How the PII API Protects Every Call

PII, PHI, and Secrets, Stripped at the Boundary.

Every response from PortEden is detected and redacted before it reaches your service. The model behind your service sees placeholders, not raw values.

[Diagram: your data (Gmail, Outlook, Drive, SharePoint) passes through PortEden Redact before reaching your AI (Claude, ChatGPT, Copilot, Gemini, Grok). Legend: Safe, Sensitive, Redacted.]

The Solution

Built For PII API

Detection and Redaction in One Call

Every response passes through a 50+ identifier classifier (SSN, EIN, PHI, credit card, IBAN, secret tokens, 120+ patterns) in under 200 ms. Detected values are replaced with stable placeholders the model can still reason about, never the underlying data.

Fetch-and-Redact, Not Detect-and-Hope

PortEden reads from the source system for you (Gmail, Outlook, Drive, OneDrive, SharePoint, Calendar, tasks) and returns it already redacted. Your service never holds the raw PII, so there is no original copy to leak.

Scoped Tokens, Not Raw OAuth

Mint a JWT scoped to one mailbox label, one Drive folder, one calendar, and a set of HTTP verbs, with an expiry. Revoke any token in a single call. Your agent never holds the user's Google or Microsoft refresh token.

Every Detection Audited

The API logs which categories fired, how many, and the allow-or-deny outcome on every call. Stream to Splunk, Datadog, or S3. Redaction stops being a black box and becomes evidence you can hand an auditor.
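
The detect, replace, and count flow described in the sections above, as an added example (not PortEden's code or API): regex detection for two categories, a keyed-HMAC placeholder so the same value always maps to the same token, an allow-list, and per-category audit counts. The category names, placeholder format, key, and sample text are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import re
from collections import Counter

# Constructed demo key; a real deployment would load a per-tenant secret.
PLACEHOLDER_KEY = b"demo-key-not-a-real-secret"
# Two illustrative categories only; the names are this example's, not PortEden's.
PATTERNS = {
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "CARD": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),  # 13-19 digits, optional separators
}

def luhn_ok(number: str) -> bool:
    """Luhn checksum, used to skip digit runs that are not card numbers."""
    digits = [int(c) for c in number if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def placeholder(category: str, value: str) -> str:
    """Keyed HMAC tag: same value gives the same placeholder, without exposing it."""
    canon = re.sub(r"\D", "", value)  # ignore separators so formats compare equal
    tag = hmac.new(PLACEHOLDER_KEY, f"{category}:{canon}".encode(), hashlib.sha256)
    return f"[{category}_{tag.hexdigest()[:8]}]"

def redact(text: str, allow=frozenset()):
    """Return (redacted_text, audit); audit counts redactions per category."""
    audit = Counter()
    for category, pattern in PATTERNS.items():
        def swap(m, category=category):
            value = m.group(0)
            if value in allow or (category == "CARD" and not luhn_ok(value)):
                return value  # allow-listed, or fails the checksum: leave as is
            audit[category] += 1
            return placeholder(category, value)
        text = pattern.sub(swap, text)
    return text, dict(audit)

# Constructed sample message body.
SAMPLE = ("Invoice for Jane Roe, SSN 078-05-1120. Card 4111 1111 1111 1111 on "
          "file; order ref 1234567890123. Resend card 4111-1111-1111-1111.")

if __name__ == "__main__":
    print(*redact(SAMPLE), sep="\n")
```

The name "Jane Roe" passes through untouched, which is the gap in pattern-only detection that the "Rebuilding Detection With Regex" section describes.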

With and Without PortEden

The Same Workflow, Two Very Different Outcomes

Summarizing a user's inbox with an LLM
Without: You fetch raw message bodies from Gmail's API and paste them into a prompt. Every SSN, card, and secret in the thread reaches the model in the clear.
With: PortEden returns the same message shape with sensitive values already redacted. The model gets the structure, never the PII.

Detecting PII in documents before indexing
Without: A detect-only API returns entity offsets. You still hold the raw files, still write the redaction, and still store the originals.
With: PortEden returns the document body already redacted, folder-scoped. There is no raw copy in your service to secure.

Tuning what counts as sensitive per use case
Without: You hard-code regex categories and redeploy every time the policy changes. No allow-list, no per-tenant override.
With: Toggle categories per token, allow-list known-safe values, and layer org-wide rules, all without a redeploy.

Proving to an auditor what was redacted
Without: Your redaction is a function call with no record. You cannot show which values were stripped on which request.
With: Per-call audit log of which categories fired and how many, exportable to your SIEM or as a signed CSV.

Keeping regulated data inside your perimeter
Without: Sending raw text to an external detection API routes the regulated data outside your boundary before detection even runs.
With: Run PortEden's redaction engine in your own VPC so PII is detected and stripped without leaving your network.

Ship the Integration

Five-Minute Quickstart. Free Tier, No Credit Card.

Mint a scoped token, run the curl, watch the redaction fire in the audit log. Free tier covers 1,000 calls per month.


Frequently Asked Questions

What does the PortEden PII API do?
It reads data from your connected systems (email, calendar, drive, SharePoint, tasks) and returns it with personally identifiable information already detected and redacted. Instead of sending you raw data to clean, it strips SSNs, PHI, account numbers, credit cards, and secrets inline, so your service and any model behind it never receive the raw values.
How is this different from a detection-only PII API?
Detection-only APIs take text and return a list of entities; you still fetch the raw data and still store the original. PortEden's PII API fetches from the source for you and returns the data already redacted, so there is no raw copy in your perimeter to secure or leak. You can still tune categories and allow-list values per token.
What types of PII does it detect?
Out of the box, 50+ identifier types: SSN, EIN, credit card, IBAN, US and EU phone, IP, MAC, AWS/GCP/Azure secrets, JWTs, OAuth tokens, plus PHI patterns such as MRN, ICD, and NPI, and 120+ secret patterns. Categories are tunable per token via Access Rules.
Can I redact text I already have, not just fetch new data?
The API is built around fetch-and-redact: PortEden retrieves from the source system and redacts on the way out, which is what keeps raw data out of your perimeter. If your use case is to redact content you already hold, talk to us about the redaction engine, which can run in your VPC against your own inputs.
How fast is redaction?
The classifier runs in under 200 ms on a typical response, fast enough to sit inline on every call. Detection and redaction happen before the response body is returned, so there is no separate round trip.
Can I run the PII API inside my own VPC?
Yes. The detection and redaction engine ships as a single binary you can run in your VPC, with a Kubernetes Helm chart available. The audit log can write to your own S3, Splunk, or Datadog. This keeps regulated data inside your perimeter, which external text-redaction APIs cannot offer. Talk to sales for the deployment package.
Is there an audit record of what was redacted?
Yes. Every call logs which redaction categories fired, how many values were stripped, and the allow-or-deny outcome, attributable to a token and an AI client. Stream it to your SIEM or export a signed CSV. Compliance with HIPAA, GDPR, and other frameworks remains your responsibility; PortEden provides the technical control and the evidence.
What does the PII API cost?
Free tier covers 1,000 calls per month. Pro and Business tiers raise that to 10,000 calls per user per month and add tunable redaction and rules. Enterprise adds VPC deployment, custom SIEM destinations, and custom limits. See the pricing page for the full breakdown.
