File De-identification
File De-identification lets you upload supported documents or tabular files and receive a de-identified file back.
Use this workflow when users need to process files instead of plain text strings.
Supported File Types
Guardian Layer supports these file upload workflows:
| File type | Endpoint | Output |
|---|---|---|
.csv | POST /api/v1/deidentify/text/proprietary/outputs/csv | De-identified CSV |
.xlsx | POST /api/v1/deidentify/text/proprietary/outputs/csv | De-identified XLSX |
.xls | POST /api/v1/deidentify/text/proprietary/outputs/csv | De-identified XLS |
.docx | POST /api/v1/deidentify/text/proprietary/outputs/docx | De-identified DOCX |
.pdf | POST /api/v1/deidentify/text/proprietary/outputs/pdf | De-identified PDF |
.txt | POST /api/v1/deidentify/text/proprietary/outputs/txt | De-identified TXT |
For Word documents, only .docx is accepted. Convert .doc files to .docx before upload.
How File Requests Work
File endpoints use multipart/form-data.
Each request includes the uploaded file plus optional settings:
| Field | Type | Required | Description |
|---|---|---|---|
file | file | Yes | The file to de-identify. |
domain | string | No | Detection domain. Supported values are General, Medical, Finance, and Custom. Defaults to General. |
pca_dimension | integer | No | Detection setting used by the endpoint. Supported values are 1, 2, and 3. Defaults to 2. |
masking_type | string | No | Use transform for readable replacements or redact for visible masking. Defaults to transform. |
pii_entities | string | No | Comma-separated entity categories, such as PERSON,PHONE_NUMBER. Leave empty or pass ALL to process all supported entities. |
For the full entity list, see Supported Entities.
Examples
For task-based examples, use the Guides:
For endpoint-level details, see File Endpoints.
Choosing Transform or Redact for Files
| Mode | What happens in files | Use when |
|---|---|---|
transform | Sensitive values are replaced with safer alternatives. | The file should remain readable and usable. |
redact | Sensitive values are replaced with masking marks. | The file should clearly hide sensitive values. |
For more detail, see Transform (Proprietary) and Redact / Masking / Placeholder.
Output Files
File endpoints return the processed file directly.
The response is intended to be downloaded or saved by your application. Output filenames are prefixed with deid_, such as:
deid_customers.csvdeid_case-notes.docxdeid_report.pdfdeid_notes.txt
Common Issues
| Issue | What to check |
|---|---|
| The file is rejected. | Confirm the file extension matches the endpoint. |
.doc upload fails. | Convert the file to .docx before upload. |
| PDF output has limited changes. | Confirm the PDF contains extractable text, not only scanned images. |
| Nothing is de-identified. | Try pii_entities=ALL or omit the field to process all supported entities. |
| Request fails due to quota. | Confirm the API key has enough remaining usage credits. |
Notes
- File upload requests should be made from your backend, not directly from the browser with a secret API key.
- Large files may take longer to process.
- The API consumes usage based on the amount of content processed.
- For scanned image-only PDFs, image de-identification is a separate capability and is not covered by this page.