RespondoTracioCodeVeilTelmMeeto
AboutBlogContact

CodeVeil Data Protection

This guide shows how to protect sensitive data with CodeVeil: masking PII, using format-preserving obfuscation so your test data stays realistic, running large batch jobs of up to 10,000 records, and getting notified via webhooks when they finish.

Masking sensitive fields

CodeVeil masks PII, financial data, and health records while preserving format and referential integrity — the same customer maps to the same masked value everywhere it appears. Send records to the masking endpoint and describe which fields to protect:

curl -X POST https://api.keepflow.ai/v1/codeveil/mask \
  -H "Authorization: Bearer kf_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "records": [
      { "name": "Jane Doe", "email": "[email protected]", "iban": "DE89370400440532013000" }
    ],
    "fields": {
      "name": "name",
      "email": "email",
      "iban": "iban"
    }
  }'

Format-preserving obfuscation

The key to useful test data is that it must look and behave like the real thing. CodeVeil's obfuscated output keeps the same structure, types, and relationships as the original: an email stays a valid-looking email, an IBAN keeps its country code and checksum shape, a phone number keeps its pattern.

{
  "name": "Marta Lindqvist",
  "email": "[email protected]",
  "iban": "DE21500105174829471138"
}

Because the format is preserved, you can drop the masked dataset straight into a staging or test environment and every validation, join, and foreign-key relationship still works.

Batch processing

For large datasets, submit up to 10,000 records in a single request to the batch endpoint. The job runs asynchronously so you don't hold a connection open:

curl -X POST https://api.keepflow.ai/v1/codeveil/batch \
  -H "Authorization: Bearer kf_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "callback_url": "https://your-app.com/hooks/codeveil",
    "records": [ /* up to 10,000 records */ ],
    "fields": { "email": "email", "ssn": "national_id" }
  }'

The response returns a job ID you can use to poll status, or you can wait for the webhook.

{
  "data": { "job_id": "job_9f2a", "status": "processing", "record_count": 10000 }
}

Completion webhooks

Instead of polling, register a callback_url and CodeVeil will POST to it when the job is done. The payload uses the data.processed event:

{
  "event": "data.processed",
  "timestamp": "2026-07-17T09:12:00Z",
  "data": {
    "job_id": "job_9f2a",
    "status": "completed",
    "record_count": 10000,
    "download_url": "https://api.keepflow.ai/v1/codeveil/results/job_9f2a"
  }
}

Verify the X-KeepFlow-Signature header with your webhook secret before trusting the payload, then fetch the masked dataset from the download_url. Results are available for 24 hours after completion.