Policy Management

Create and manage named policies that control how Protecto detects, masks, and treats sensitive data across your namespace.

Policy and metadata APIs let namespace admins define how Protecto identifies, masks, and treats personal data. Policies act as named configurations that can be attached to Mask and Unmask calls.

Policy management APIs are not available on trial accounts. A paid subscription and metadata_change permission are required.

What a policy controls

A policy is a named metadata configuration that controls:

Which entities are detected
Whether each entity is anonymizable (irreversible), pseudonymizable (reversible), or excluded (not masked)
The prefix and suffix used during masking

When a policy is passed to Mask or Unmask APIs, Protecto uses that policy's metadata instead of the default configuration.

Default policy behavior

When a policy is first created:

All supported entities are set to pseudonymizable (reversible)
Default prefixes and suffixes are applied
No entities are excluded

You then update the policy to move entities between categories or customize prefixes and suffixes.

API reference

Create Policy

Create a new policy with default metadata.

List Policies

Return all policies in the namespace.

View Policy Metadata

Retrieve entity-level metadata for a policy.

Update Entity Categories

Move entities between anonymizable, pseudonymizable, and excluded groups.

Update Prefixes & Suffixes

Customize the wrapping format for masked entity output.

Delete Policy

Remove a policy and all associated metadata.

Was this page helpful?

Last updated 3 weeks ago

Built with Documentation.AI