API Keys

To call the PII Firewall REST API from your server, you need an API key (pf_live_xxx).

SDK doesn't need an API key

@pii-firewall/sdk runs locally and requires no API key. This page covers cloud-based processing via the REST API.

Getting an API Key

API keys are issued and managed in the Developer Console at piifirewall.com/console. Login is done via one-time email code (OTP) — no password required.

1. Go to the Developer Console

Open piifirewall.com/console.

2. Log in with email OTP

① Enter your email address and click "Send one-time code". ② Enter the 6-digit code from your email and click "Verify".

No password needed

The Developer Console uses email OTP (2-factor) only. A new code is sent each time you log in.

3. Issue a key

After logging in, click 🔑 API Key Management in the left sidebar. Enter a name for your key (e.g. My Server Key) and click Issue.

pf_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Keys are shown only once

Copy your key immediately after it's issued. It cannot be displayed again after you close the dialog.

4. Store it securely

bash

# Save in .env (never commit to Git)
PII_FIREWALL_API_KEY=pf_live_xxxxxxxxxx

Using your API key

curl

bash

curl -X POST https://pii-firewallproxy-production.up.railway.app/detect \
  -H "Authorization: Bearer pf_live_xxxxxxxxxx" \
  -H "Content-Type: application/json" \
  -d '{"text": "John Smith 090-1234-5678", "language": "en"}'

Node.js (fetch)

const res = await fetch("https://pii-firewallproxy-production.up.railway.app/detect", {
  method: "POST",
  headers: {
    "Authorization": `Bearer ${process.env.PII_FIREWALL_API_KEY}`,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({ text: "090-1234-5678", language: "en" }),
});
const data = await res.json();
console.log(data.candidates); // detected PII

Monthly API call limits by plan

For per-plan limits and feature details, see Plans & Feature Limits.

When the limit is reached, the API returns HTTP 429.

Managing keys

All key management is done in the 🔑 API Key Management panel at piifirewall.com/console.

View usage

After logging in, the 🔑 API Key Management panel shows all your issued keys (prefix, name, plan, issue date) and this month's call count.

Revoke a key

Click Revoke next to the key you want to disable. Do this immediately if a key is compromised.

Available endpoints

Endpoint	Method	Description
`/detect`	POST	Detect PII (no masking)
`/mask`	POST	Mask PII
`/restore`	POST	Restore masked tokens
`/detect-injection`	POST	Detect prompt injection

See the REST API Reference for full details.

API Keys ​

Getting an API Key ​

1. Go to the Developer Console ​

2. Log in with email OTP ​

3. Issue a key ​

4. Store it securely ​

Using your API key ​

curl ​

Node.js (fetch) ​

Monthly API call limits by plan ​

Managing keys ​

View usage ​

Revoke a key ​

Available endpoints ​