Skip to main content

Authentication

Custodian Labs API requests use API key authentication.

Pass your Custodian Labs API key in the X-API-Key header.

X-API-Key: custodian_labs_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Get an API Key

API keys are generated from the Dashboard after you activate a plan.

  1. Open the Dashboard.
  2. Go to API Keys.
  3. Reveal and copy the key for your active plan.

For the full walkthrough, see Get Your API Key.

Use Environment Variables

For local testing, store your key as an environment variable:

export CUSTODIAN_API_KEY="your_api_key_here"

Store your API base URL separately:

export CUSTODIAN_API_BASE_URL="<your_api_base_url>"

Example Request

curl -X POST "$CUSTODIAN_API_BASE_URL/api/v1/deidentify/text/proprietary/outputs" \
-H "X-API-Key: $CUSTODIAN_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"text": "Please contact Jane Smith at jane.smith@example.com.",
"domain": "General",
"masking_type": "transform",
"pii_entities": ["ALL"]
}'

Security Guidance

  • Do not expose your API key in browser-side code.
  • Do not commit your key to source control.
  • Do not paste real keys into public issues, screenshots, docs, or chat messages.
  • Call Custodian Labs APIs from your backend, serverless function, or secure service layer.
  • Rotate or revoke a key if it is accidentally exposed.

Common Authentication Status Codes

StatusMeaning
401The API key is missing, invalid, inactive, or not recognized.
403The key exists but cannot be used, such as an expired key.
429The key has reached token or request limits.

For response examples, see Error Responses.

Next Steps