Authentication
Custodian Labs API requests use API key authentication.
Pass your Custodian Labs API key in the X-API-Key header.
X-API-Key: custodian_labs_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Get an API Key
API keys are generated from the Dashboard after you activate a plan.
For the full walkthrough, see Get Your API Key.
Use Environment Variables
For local testing, store your key as an environment variable:
export CUSTODIAN_API_KEY="your_api_key_here"
Store your API base URL separately:
export CUSTODIAN_API_BASE_URL="<your_api_base_url>"
Example Request
curl -X POST "$CUSTODIAN_API_BASE_URL/api/v1/deidentify/text/proprietary/outputs" \
-H "X-API-Key: $CUSTODIAN_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"text": "Please contact Jane Smith at jane.smith@example.com.",
"domain": "General",
"masking_type": "transform",
"pii_entities": ["ALL"]
}'
Security Guidance
- Do not expose your API key in browser-side code.
- Do not commit your key to source control.
- Do not paste real keys into public issues, screenshots, docs, or chat messages.
- Call Custodian Labs APIs from your backend, serverless function, or secure service layer.
- Rotate or revoke a key if it is accidentally exposed.
Common Authentication Status Codes
| Status | Meaning |
|---|---|
401 | The API key is missing, invalid, inactive, or not recognized. |
403 | The key exists but cannot be used, such as an expired key. |
429 | The key has reached token or request limits. |
For response examples, see Error Responses.