PII protection as an API.
3 lines of code.
No refactoring. No mandatory SDK. Bring your own key. Detect, redact and pseudonymise personal data via REST API – with a signed compliance certificate for every request.
API access from €49/month • Unlimited requests
3 lines to PII protection
Pick your language. Copy & paste. Done.
Two API paths available — same API key, both return signed certificates
/api/v1/... — simple integration with optional fields (allowlist, placeholder, min_length) and sensible defaults. Used in the code examples below.
/v1/... — strict schema validation with discriminator fields (mode: "server"|"split"|"zk-proven" on /v1/redact, action enum on /v1/batch items). Listed in the endpoint table below.
Both accept the X-API-Key header. Pick by use case — /api/v1/ for quick start, /v1/ for explicit schema control.
```bash
curl -X POST https://ki-shield.eu/api/v1/redact \
  -H "X-API-Key: kp-YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{"text": "John Smith from Acme Ltd, IBAN GB29 NWBK...",
       "allowlist": ["Acme Ltd"],
       "placeholder": "[REDACTED]"}'
# => "[REDACTED] from Acme Ltd, IBAN [REDACTED]"
```

```javascript
const res = await fetch('https://ki-shield.eu/api/v1/redact', {
  method: 'POST',
  headers: { 'X-API-Key': 'kp-YOUR_KEY', 'Content-Type': 'application/json' },
  body: JSON.stringify({
    text: 'John Smith from Acme Ltd',
    allowlist: ['Acme Ltd'],       // words that must not be redacted
    placeholder: '[REDACTED]'      // custom placeholder format
  })
});
// Stop here on an error response instead of continuing with unredacted text.
if (!res.ok) throw new Error(`redact failed: HTTP ${res.status}`);
const { redacted, certificate } = await res.json();
```

```python
import requests

r = requests.post('https://ki-shield.eu/api/v1/redact',
                  headers={'X-API-Key': 'kp-YOUR_KEY'},
                  json={'text': 'John Smith from Acme Ltd',
                        'allowlist': ['Acme Ltd'],      # words that must not be redacted
                        'placeholder': '[REDACTED]'},   # custom placeholder format
                  timeout=10)
r.raise_for_status()  # stop on an error response instead of using unredacted text
print(r.json()['redacted'])
```
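A fail-closed wrapper around the `/api/v1/redact` call, as an added example that is not KI-Shield's own code: it returns text only when the request succeeded and the certificate is confirmed through `/v1/verify/{id}`, and never falls back to the original input. It assumes the certificate object carries an `id` and that `/v1/verify` is served from the same host; `redact_or_fail`, `http_json` and `RedactionError` are names made up for this example.

```python
import json
import urllib.parse
import urllib.request

BASE = "https://ki-shield.eu"  # assumption: /v1/verify lives on the same host

class RedactionError(RuntimeError):
    """Raised whenever safely redacted text cannot be guaranteed."""

def http_json(method, url, api_key=None, payload=None, timeout=5):
    """Minimal JSON-over-HTTPS transport; HTTP 4xx/5xx raise an OSError subclass."""
    data = json.dumps(payload).encode("utf-8") if payload is not None else None
    headers = {"Content-Type": "application/json"}
    if api_key:
        headers["X-API-Key"] = api_key
    req = urllib.request.Request(url, data=data, headers=headers, method=method)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))

def redact_or_fail(text, api_key, allowlist=(), transport=http_json):
    """Return redacted text or raise RedactionError; never return `text` itself."""
    try:
        body = transport("POST", f"{BASE}/api/v1/redact", api_key,
                         {"text": text, "allowlist": list(allowlist)})
        redacted, cert = body.get("redacted"), body.get("certificate")
        if not isinstance(redacted, str) or not isinstance(cert, dict):
            raise ValueError("response lacks 'redacted' text or 'certificate'")
        # Assumption: the certificate carries an "id" accepted by /v1/verify/{id}.
        cert_id = cert.get("id")
        if not cert_id:
            raise ValueError("certificate has no id to verify")
        check = transport(
            "GET", f"{BASE}/v1/verify/" + urllib.parse.quote(str(cert_id), safe=""))
        if check.get("valid") is not True:
            raise ValueError("certificate signature reported invalid")
    except (OSError, ValueError, AttributeError) as exc:
        # Timeouts, HTTP errors, bad JSON and unexpected shapes all fail closed.
        raise RedactionError(str(exc)) from exc
    return redacted
```

Call `redact_or_fail` at the point where text leaves your system, and treat `RedactionError` as "do not send".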
13 endpoints, 1 API
42 PII categories • Allowlist • Batch mode • Session-based pseudonyms • Custom placeholders
Which endpoint do I need?
All endpoints use the same API key. The difference lies in the result.
| I want to … | Endpoint | Example |
|---|---|---|
| Check whether PII is present in text – without changing it | /v1/detect | Dashboard that shows: “3 names, 2 IBANs found” |
| Sanitise text before it goes to an AI model or third-party system | /v1/redact | Anonymise support tickets before they reach the CRM |
| Anonymise but keep references inside the text consistent | /v1/pseudonymize | Use chat history for training – “Person_A wrote to Person_B” stays consistent |
| Sanitise with maximum privacy guarantee – no logging, no caching | /v1/redact/zk | Law firm or medical practice that must prove no third party saw the data |
| Process many texts at once – detect, redact or pseudonymize per text | /v1/batch | Import 50 support tickets, emails or documents in a single call |
| Verify a compliance certificate publicly – without sign-in | /v1/verify/{id} | Auditor or customer verifies via link that PII processing took place |
| Calculate re-identification risk (score 0–100, factors, recommendation) | /v1/risk-score | Before exporting, check whether anonymised data is really safe |
| Generate a GDPR report with articles, categories and recommendations | /v1/compliance-report | Automated compliance report for data protection officers |
| Real-time PII detection via Server-Sent Events (SSE) | /v1/redact/stream | Live redaction while the user types – for chat UIs |
| Replace PII with irreversible SHA-256 hashes (one-way) | /v1/tokenize | Analytics pipeline that allows counting without re-identification |
| Compare PII landscape between two texts (before/after) | /v1/diff | Verify that no PII remains after manual editing |
| Classify text by PII domain (medical, financial, legal) | /v1/classify | Automatically assign incoming documents to the right protection class |
| Redaction + Unicode cleanup + control character removal in one call | /v1/sanitize | Sanitise user input before it is written to the database |
/v1/detect
Detects PII and returns type, position and score. Use allowlist to protect specific words, min_length to avoid short-word false positives.
```json
{
  "entities": [{
    "type": "PERSON",
    "text": "Max Mustermann",
    "score": 0.98
  }],
  "processing_time_ms": 32
}
```
/v1/redact
Redacts PII with placeholders. Use placeholder to choose your own format (***, [REDACTED]). Includes compliance certificate.
```json
{
  "redacted": "[REDACTED] from Acme Ltd",
  "certificate": { "signature": "ed25519..." },
  "pii_found": [...]
}
```
/v1/pseudonymize
Consistent pseudonyms. With session_id the pseudonyms stay identical across calls – ideal for chat history.
```json
{
  "pseudonymized": "[Person_1] in [City_1]",
  "session_id": "contract-42",
  "certificate": { ... }
}
```
/v1/redact/zk
Zero-Knowledge redaction: original text is neither stored nor logged. Maximum privacy for law firms and medical practices.
```json
{
  "redacted": "<PERSON>, IBAN <IBAN>",
  "mode": "zero_knowledge",
  "certificate": { ... }
}
```
/v1/batch
Up to 50 texts in a single request. Each text can have its own action (detect/redact/pseudonymize). Shared allowlist.
```json
{
  "results": [
    { "id": "doc-1", "redacted": "..." },
    { "id": "doc-2", "entities": [...] }
  ],
  "total_items": 2
}
```
/v1/verify/{id}
Public (no auth). Verifies the Ed25519 signature of a compliance certificate. Ideal for auditors and customers.
```json
{
  "valid": true,
  "certificate": {
    "pii_types": ["PERSON", "IBAN"],
    "signature": "ed25519..."
  }
}
```
/v1/risk-score
Calculate re-identification risk. Returns score (0–100), risk factors and recommendation.
```json
{
  "score": 72,
  "risk_level": "high",
  "factors": [{
    "category": "direct_identifiers",
    "types": ["PERSON"],
    "impact": "high"
  }],
  "recommendation": "Anonymise immediately."
}
```
/v1/compliance-report
Generate a GDPR report with relevant articles, PII categories and actionable recommendations.
```json
{
  "compliance_risk": "medium",
  "categories": {
    "financial_data": {"sensitivity": "high"}
  },
  "relevant_articles": ["Art. 4 (1)", "Art. 6"],
  "has_special_categories": false
}
```
/v1/redact/stream
Real-time PII detection via Server-Sent Events (SSE). Ideal for chat UIs with live redaction.
```text
event: entity
data: {"type": "PERSON", "score": 0.99}
event: redacted
data: {"text": "<PERSON> lives in London"}
event: done
data: {"pii_count": 1}
```
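A parser for the event stream shown above, as an added example that is not the service's own client code: it only releases redacted text once a complete `done` event has arrived, so a truncated stream is never mistaken for a finished redaction. It assumes events are separated by blank lines as the SSE format requires and that `pii_count` equals the number of `entity` events (as in the sample); `parse_sse`, `consume_redaction_stream` and `IncompleteStream` are names made up here, and `SAMPLE` is constructed from the events above.

```python
import json

class IncompleteStream(Exception):
    """The stream ended early or is inconsistent; its text must not be used."""

def parse_sse(raw):
    """Yield (event, data) pairs; an event is dispatched only by a blank line."""
    event, data = "message", []
    for line in raw.splitlines():
        if line == "":
            if data:
                yield event, json.loads("\n".join(data))
            event, data = "message", []
        elif line.startswith(":"):
            continue  # SSE comment, typically a keep-alive
        else:
            field, _, value = line.partition(":")
            value = value[1:] if value.startswith(" ") else value
            if field == "event":
                event = value
            elif field == "data":
                data.append(value)
    # Anything still buffered here was cut off mid-event and is dropped.

def consume_redaction_stream(raw):
    """Return (redacted_text, entities) or raise IncompleteStream."""
    entities, redacted, done = [], None, None
    for event, payload in parse_sse(raw):
        if event == "entity":
            entities.append(payload)
        elif event == "redacted":
            redacted = payload["text"]
        elif event == "done":
            done = payload
    if done is None or redacted is None:
        raise IncompleteStream("stream ended before 'redacted' and 'done'")
    # Assumption: pii_count counts the entity events sent on this stream.
    if done["pii_count"] != len(entities):
        raise IncompleteStream("pii_count does not match entity events received")
    return redacted, entities

# Constructed sample: the three events from the page, blank-line separated.
SAMPLE = (
    'event: entity\ndata: {"type": "PERSON", "score": 0.99}\n\n'
    'event: redacted\ndata: {"text": "<PERSON> lives in London"}\n\n'
    'event: done\ndata: {"pii_count": 1}\n\n'
)
```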
/v1/tokenize
Replace PII with irreversible SHA-256 hashes. One-way – ideal for analytics without re-identification.
```json
{
  "tokenized": "[PERSON_a3f8c2e1] in London",
  "pii_count": 1,
  "token_types": {"PERSON": 1},
  "reversible": false
}
```
/v1/diff
Compare the PII landscape of two texts. Shows added and removed PII in a before/after view.
```json
{
  "text_a_pii_count": 3,
  "text_b_pii_count": 1,
  "delta_total": -2,
  "types_only_in_a": ["IBAN"],
  "types_in_both": ["PERSON"],
  "risk_reduced": true
}
```
/v1/classify
Classify text by PII domain: medical, financial, legal or general.
```json
{
  "primary_domain": "medical",
  "domains": {
    "medical": {"score": 0.5, "matching_types": ["HEALTH"]},
    "personal": {"score": 0.5, "matching_types": ["PERSON"]}
  },
  "requires_art9": true
}
```
/v1/sanitize
Redaction + Unicode normalisation + control character removal – all in one call.
```json
{
  "sanitized": "<PERSON> in London",
  "sanitization_steps": [
    "unicode_normalized",
    "invisible_chars_removed:2"
  ],
  "certificate": {"id": "uuid", "signature": "..."}
}
```
Built for developers
No abstraction in the way. No magic. Transparent API.
Hybrid Compliance Certificate
Ed25519 + ML-DSA-65 (post-quantum). Every response is cryptographically signed – audit-ready from day one.
Split/Zero-Knowledge Mode
AES-256-encrypted data. Even the operator cannot read anything. Your data, your control.
< 50 ms latency
PII detection in under 50 ms. EU servers (Hetzner, Germany). No round-trip to the USA.
OpenAPI/Swagger docs
Interactive API documentation at /docs. Test directly in the browser.
Standard REST API
JSON over HTTPS. Works with any language – cURL, Python, JavaScript, Go, Java. No proprietary dependencies.
BYOK – no vendor lock-in
Bring Your Own Key. Standard REST API. No proprietary protocol. Migrate at any time.
Transparent & fair pricing
API access from the Enterprise plan. BYOK principle: bring your own AI provider key.
API access from €49/month • Unlimited API keys • RBAC
FAQ
Common questions from developers
POST request to /api/v1/redact with your API key as an X-API-Key header. Integration takes less than 5 minutes – without refactoring your existing architecture. An interactive Swagger UI is available at /docs for testing.
X-RateLimit-Remaining and X-RateLimit-Reset. Full details at ki-shield.eu/pricing.
excluded_entities to skip PII types (e.g. ["IBAN"]). Use allowlist to protect specific words from detection (e.g. ["Acme Ltd"]). min_length filters short-word false positives. placeholder allows custom placeholder formats like [REDACTED] or ***.