Unmask

Restore original sensitive values from tokenized text. The API resolves all embedded entity tokens automatically — no token_name required.

curl -X PUT https://protecto-trial.protecto.ai/api/vault/unmask \
  -H "Authorization: Bearer YOUR_AUTH_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "unmask": [
      {
        "token_value": "<PER>VJYe 03W</PER>, an <NATIONALITY>Q534kH4v</NATIONALITY>, can be reached via email at <EMAIL>1AI0s@Uzm3a</EMAIL> or phone at <PHN>+8-065-029-0616</PHN>"
      }
    ]
  }'

import requests

response = requests.put(
    "https://protecto-trial.protecto.ai/api/vault/unmask",
    headers={
        "Authorization": "Bearer YOUR_AUTH_TOKEN",
        "Content-Type": "application/json"
    },
    json={
        "unmask": [
            {
                "token_value": "<PER>VJYe 03W</PER>, an <NATIONALITY>Q534kH4v</NATIONALITY>, can be reached via email at <EMAIL>1AI0s@Uzm3a</EMAIL> or phone at <PHN>+8-065-029-0616</PHN>"
            }
        ]
    }
)
print(response.json())

const response = await fetch(
  "https://protecto-trial.protecto.ai/api/vault/unmask",
  {
    method: "PUT",
    headers: {
      Authorization: "Bearer YOUR_AUTH_TOKEN",
      "Content-Type": "application/json",
    },
    body: JSON.stringify({
      unmask: [
        {
          token_value:
            "<PER>VJYe 03W</PER>, an <NATIONALITY>Q534kH4v</NATIONALITY>, can be reached via email at <EMAIL>1AI0s@Uzm3a</EMAIL> or phone at <PHN>+8-065-029-0616</PHN>",
        },
      ],
    }),
  }
);

{
  "data": [
    {
      "value": "John Doe, an American, can be reached via email at johndoe@example.com or phone at +1-123-456-7890",
      "token_value": "<PER>VJYe 03W</PER>, an <NATIONALITY>Q534kH4v</NATIONALITY>, can be reached via email at <EMAIL>1AI0s@Uzm3a</EMAIL> or phone at <PHN>+8-065-029-0616</PHN>",
      "toxicity_analysis": {
        "toxicity": 0.000597,
        "severe_toxicity": 0.000123,
        "obscene": 0.000191,
        "threat": 0.000120,
        "insult": 0.000177,
        "identity_attack": 0.000140
      }
    }
  ],
  "success": true,
  "error": {
    "message": ""
  }
}

Use this to unmask tokenized free-form text typically produced by auto-detect masking, where multiple entity tokens are embedded in a single string.

Endpoint details

METHOD: PUT

Method	Route	Headers
PUT	`/api/vault/unmask`	`Authorization: Bearer YOUR_AUTH_TOKEN`

To get the Authkey please contact help@protecto.ai

Request body

body

unmaskarray

Required

List of tokenized values to unmask.

body

unmask[].token_valuestring

Required

Tokenized text containing one or more embedded entity tokens (e.g., <PERSON>VJYe 03W</PERSON>). The API resolves all tokens automatically — token_name is not required.

Response fields

valuestring

Required

The fully unmasked original text with all tokens resolved.

token_valuestring

Required

The original tokenized input, echoed back.

toxicity_analysisobject

Toxicity scores evaluated on the unmasked content. See Toxicity in Unmask API for details.

Security considerations

Restrict unmasking to trusted services and users
Enforce role-based access control and audit all unmask operations
Use unmasking only when strictly required by the workflow
Ensure compliance with applicable data protection regulations before unmasking

Was this page helpful?

Last updated 1 day ago

Built with Documentation.AI