DLP APIs - Firewall for AI Platform
Firewall for AI DLP APIs enables developers to write custom code to sanitize data anywhere–RAG data sets, analytics data stores, data pipelines, and unsupported SaaS applications.
Provide a list of arbitrary string data, and scan each item with the provided detectors to uncover sensitive information. Returns a list equal in size to the number of provided string payloads. The item at each list index will be a list of all matches for the provided detectors, or an empty list if no occurrences are found.
The request body of the /v3/scan endpoint
A list of UUIDs referring to policies to use to scan the request payload. Policies can be built in the Nightfall Dashboard. Maximum 1.
The text sample(s) you wish to scan. This data is passed as a string list, so you may choose to segment your text into multiple items for better granularity. The aggregate size of your text (summed across all items in the list) must not exceed 500 KB for any individual request, and the number of items in that list may not exceed 50,000.
POST /v3/scan HTTP/1.1
Host: api.nightfall.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 1595
{
"policyUUIDs": [
"text"
],
"policy": {
"detectionRuleUUIDs": [
"text"
],
"detectionRules": [
{
"name": "text",
"logicalOp": "ANY",
"detectors": [
{
"minNumFindings": 1,
"minConfidence": "VERY_UNLIKELY",
"detectorUUID": "text",
"displayName": "text",
"detectorType": "NIGHTFALL_DETECTOR",
"nightfallDetector": "AMERICAN_BANKERS_CUSIP_ID",
"regex": {
"pattern": "text",
"isCaseSensitive": true
},
"wordList": {
"values": [
"text"
],
"isCaseSensitive": true
},
"contextRules": [
{
"regex": {
"pattern": "text",
"isCaseSensitive": true
},
"proximity": {
"windowBefore": 1,
"windowAfter": 1
},
"confidenceAdjustment": {
"fixedConfidence": "VERY_UNLIKELY"
}
}
],
"exclusionRules": [
{
"matchType": "PARTIAL",
"exclusionType": "REGEX",
"regex": {
"pattern": "text",
"isCaseSensitive": true
},
"wordList": {
"values": [
"text"
],
"isCaseSensitive": true
}
}
],
"redactionConfig": {
"maskConfig": {
"maskingChar": "text",
"charsToIgnore": [
"text"
],
"numCharsToLeaveUnmasked": 1,
"maskLeftToRight": true
},
"infoTypeSubstitutionConfig": {},
"substitutionConfig": {
"substitutionPhrase": "text"
},
"cryptoConfig": {
"publicKey": "text"
},
"removeFinding": true
},
"scope": "Content"
}
]
}
],
"contextBytes": 1,
"defaultRedactionConfig": {
"maskConfig": {
"maskingChar": "text",
"charsToIgnore": [
"text"
],
"numCharsToLeaveUnmasked": 1,
"maskLeftToRight": true
},
"infoTypeSubstitutionConfig": {},
"substitutionConfig": {
"substitutionPhrase": "text"
},
"cryptoConfig": {
"publicKey": "text"
},
"removeFinding": true
},
"alertConfig": {
"slack": {
"target": "text"
},
"email": {
"address": "text"
},
"url": {
"address": "text"
},
"siem": {
"address": "text",
"sensitiveHeaders": {
"ANY_ADDITIONAL_PROPERTY": "text"
},
"plainTextHeaders": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
}
},
"payload": [
"text"
]
}{
"findings": [
[
{
"finding": "text",
"redactedFinding": "text",
"beforeContext": "text",
"afterContext": "text",
"detector": {
"name": "text",
"uuid": "123e4567-e89b-12d3-a456-426614174000",
"subdetector": {
"name": "text",
"uuid": "123e4567-e89b-12d3-a456-426614174000"
}
},
"confidence": "VERY_UNLIKELY",
"location": {
"byteRange": {
"start": 1,
"end": 1
},
"codepointRange": {
"start": 1,
"end": 1
}
},
"redactedLocation": {
"byteRange": {
"start": 1,
"end": 1
},
"codepointRange": {
"start": 1,
"end": 1
}
}
}
]
],
"redactedPayload": [
"text"
]
}Creates a new file upload session. If this operation returns successfully, the ID returned as part of the response object shall be used to refer to the file in all subsequent upload and scanning operations.
the number of bytes representing the size of the file to-be-uploaded.
POST /v3/upload HTTP/1.1
Host: api.nightfall.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 19
{
"fileSizeBytes": 1
}{
"id": "123e4567-e89b-12d3-a456-426614174000",
"fileSizeBytes": 1,
"chunkSize": 1,
"mimeType": "text"
}Upload all bytes contained in the request body to the file identified by the ID in the path parameter.
a file ID returned from a previous file creation request
The numeric offset at which the bytes contained in the body should be written. This offset must be a multiple of the chunk size returned when the file upload was created.
The payload bytes to upload; the size of the request body must exactly match the chunkSize that was returned when the file upload was created.
PATCH /v3/upload/{fileId} HTTP/1.1
Host: api.nightfall.ai
Authorization: Bearer YOUR_SECRET_TOKEN
X-Upload-Offset: 1
Content-Type: application/octet-stream
Accept: */*
No content
Validates that all bytes of the file have been uploaded, and that the content type is supported by Nightfall.
a file ID returned from a previous file creation request
POST /v3/upload/{fileId}/finish HTTP/1.1
Host: api.nightfall.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"fileSizeBytes": 1,
"chunkSize": 1,
"mimeType": "text"
}Triggers a scan of the file identified by the provided fileID. As the underlying file might be arbitrarily large, this scan is conducted asynchronously. Results from the scan are delivered to the webhook URL provided in the request payload.
a file ID returned from a previous file creation request
the UUID of the Detection Policy to be used with this scan. Exactly one of this field or "policy" should be provided.
A string containing arbitrary metadata. Callers may opt to use this to help identify their input file upon receiving a webhook response. Maximum length 10 KB.
POST /v3/upload/{fileId}/scan HTTP/1.1
Host: api.nightfall.ai
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 1672
{
"policyUUID": "123e4567-e89b-12d3-a456-426614174000",
"policy": {
"detectionRuleUUIDs": [
"123e4567-e89b-12d3-a456-426614174000"
],
"detectionRules": [
{
"name": "text",
"logicalOp": "ANY",
"detectors": [
{
"minNumFindings": 1,
"minConfidence": "VERY_UNLIKELY",
"detectorUUID": "text",
"displayName": "text",
"detectorType": "NIGHTFALL_DETECTOR",
"nightfallDetector": "AMERICAN_BANKERS_CUSIP_ID",
"regex": {
"pattern": "text",
"isCaseSensitive": true
},
"wordList": {
"values": [
"text"
],
"isCaseSensitive": true
},
"contextRules": [
{
"regex": {
"pattern": "text",
"isCaseSensitive": true
},
"proximity": {
"windowBefore": 1,
"windowAfter": 1
},
"confidenceAdjustment": {
"fixedConfidence": "VERY_UNLIKELY"
}
}
],
"exclusionRules": [
{
"matchType": "PARTIAL",
"exclusionType": "REGEX",
"regex": {
"pattern": "text",
"isCaseSensitive": true
},
"wordList": {
"values": [
"text"
],
"isCaseSensitive": true
}
}
],
"redactionConfig": {
"maskConfig": {
"maskingChar": "text",
"charsToIgnore": [
"text"
],
"numCharsToLeaveUnmasked": 1,
"maskLeftToRight": true
},
"infoTypeSubstitutionConfig": {},
"substitutionConfig": {
"substitutionPhrase": "text"
},
"cryptoConfig": {
"publicKey": "text"
},
"removeFinding": true
},
"scope": "Content"
}
]
}
],
"alertConfig": {
"slack": {
"target": "text"
},
"email": {
"address": "text"
},
"url": {
"address": "text"
},
"siem": {
"address": "text",
"sensitiveHeaders": {
"ANY_ADDITIONAL_PROPERTY": "text"
},
"plainTextHeaders": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
},
"defaultRedactionConfig": {
"maskConfig": {
"maskingChar": "text",
"charsToIgnore": [
"text"
],
"numCharsToLeaveUnmasked": 1,
"maskLeftToRight": true
},
"infoTypeSubstitutionConfig": {},
"substitutionConfig": {
"substitutionPhrase": "text"
},
"cryptoConfig": {
"publicKey": "text"
},
"removeFinding": true
},
"enableFileRedaction": true
},
"requestMetadata": "text"
}{
"id": "123e4567-e89b-12d3-a456-426614174000",
"message": "text"
}Last updated
Was this helpful?