Sensitive data discovery (SDD) API reference guide
In previous documentation, rule and pattern are referred to as classifier or identifier, and framework is referred to as template.
To run this pattern against your data, ensure it is added to a framework.
POST /sdd/classifier
Create a pattern.
| Attribute | Description | Required |
|---|---|---|
The following request creates a pattern, saved in example-payload.json.
POST /sdd/template
Create an identification framework.
The following request creates an identification framework that contains 2 rules, saved in example-payload.json.
GET /sdd/classifier
List or search patterns.
The following request lists 5 patterns.
GET /sdd/template
List or search identification frameworks.
The following request lists all identification frameworks.
GET /sdd/classifier/{classifierName}
Get a pattern by name.
This request gets the pattern named MY_REGEX_PATTERN.
GET /sdd/template/{templateName}
Get an identification framework by name.
This request gets the identification framework named MY_FIRST_FRAMEWORK.
GET /sdd/template/global
View the current global framework.
This request gets the current global framework information.
PUT /sdd/template/apply
Apply an identification framework to a set of data sources.
This request applies the MY_FIRST_FRAMEWORK framework to the Public Case data source.
POST /sdd/run
Run SDD on specified data sources.
This request runs SDD on the data source Public Case.
This request runs SDD on all your data sources.
This request runs SDD on the Medical Claims data source with the PII_REVISION framework, but will not tag any columns if matches are found.
PUT /sdd/classifier/{classifierName}
Update a pattern. Partial updates are not supported.
The following request updates the name and description of the MY_REGEX_PATTERN pattern.
Payload example
POST /sdd/template/{templateName}/clone
Clone an identification framework.
This request clones the MY_FIRST_FRAMEWORK identification framework.
Payload example
PUT /sdd/template/{templateName}
Update an identification framework.
The following request updates the name of, description of, and rules in the MY_FIRST_FRAMEWORK identification framework.
Payload example
DELETE /sdd/classifier/{classifierName}
Delete a pattern.
The following request deletes the REGULAR_EXPRESSION pattern.
DELETE /sdd/template/{templateName}
Delete an identification framework.
The following request deletes the HEALTH_DATA identification framework.
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
name
string Unique, request-friendly pattern name.
Yes
displayName
string Unique, human-readable pattern name.
Yes
description
string The pattern description.
Yes
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
Yes
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
Yes
config.tags
array[string] The default resulting tags to apply when the pattern is matched; they must begin with Discovered . .
No
config.regex
string A case-insensitive regular expression to match against column values. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.columnNameRegex
string A case-insensitive regular expression to match against column names. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.values
array[string] The list of words included in the dictionary to match against column values. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.caseSensitive
boolean Indicates whether or not values are case sensitive. Defaults to false.
No
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the pattern is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
name
string Unique, request-friendly framework name.
Yes
displayName
string Unique, human-readable framework name.
Yes
description
string The framework description.
Yes
classifiers
array The patterns to include in the framework and any additional overrides for those patterns.
Yes
classifiers.name
string The name of the pattern to include in the framework.
Yes
classifiers.overrides
array The overrides to modify the pattern for this framework.
No
classifiers.overrides.tags
array The resulting tags to apply when the pattern is matched. These tags will override the pattern's default tags and must begin with Discovered . .
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
GET
sdd/classifier
GET
sdd/template
GET
sdd/classifier/{classifierName}
GET
sdd/template/{templateName}
GET
sdd/template/global
sortField
string The field by which to sort the search results: id, name, displayName, type, createdAt, or updatedAt.
No
sortOrder
string Denotes whether to sort the results in ascending (asc) or descending (desc) order. Default is asc.
No
offSet
integer Use in combination with limit to fetch pages.
No
limit
integer Limits the number of results displayed per page.
No
type
array[string] Searches based on pattern type: regex, dictionary, builtIn, or columnNameRegex.
No
searchText
string A partial, case-insensitive search on name.
No
count
integer The number of pattern found matching the search criteria.
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply when the pattern is matched.
config.columnNameRegex
string A case-insensitive regular expression to optionally match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
sortField
string The field by which to sort the search results: id, name, displayName, type, createdAt, or updatedAt.
No
sortOrder
string Denotes whether to sort the results in ascending (asc) or descending (desc) order. Default is asc.
No
offSet
integer Use in combination with limit to fetch pages.
No
limit
integer Limits the number of results displayed per page.
No
classifiers
array[string] Filters framework results to those containing the specified patterns.
No
searchText
string A partial, case-insensitive search on the framework name.
No
count
integer The number of identification frameworks found matching the search criteria.
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
classifierName
string The name of the pattern.
Yes
id
integer The unique ID of the pattern.
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The name of the resulting tags to apply to the data source.
config.columnNameRegex
string A case-insensitive regular expression to optionally match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
templateName
string The name of the identification framework.
Yes
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
id
integer The unique ID of the framework.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
template
string The name of the identification framework to apply to the data sources. null to clear current framework, and the data source will use the global framework.
Yes
sources
string The name of the data sources to apply the framework to.
Yes
success
boolean When true, the request was successful.
sources
string The name of the data sources to apply the identification framework to.
Yes
all
boolean If true, SDD will run on all Immuta data sources.
No
wait
integer The number of seconds to wait for the SDD jobs to finish. The value -1 will wait until the jobs complete. Default is -1.
No
dryRun
boolean When true, SDD will not update the tags on the data source(s). Instead of applying tags, SDD returns the tags that would be applied to the data source. This allows users to evaluate whether or not rules or frameworks are applying tags correctly without updating the data source. Default is false.
No
template
string If passed, Immuta will run SDD with this framework instead of the applied framework on the data source(s). Passing template when dryRun is false will cause an error.
No
id
string The unique identifier of the job.
state
string The job state. Statuses include created, retry, active, completed, expired, cancelled, or failed.
output
array[string] Information about the tags applied on the data source, including diff (added and removed tags) and the current state of allTags on all columns in the data sources.
PUT
/sdd/classifier/{classifierName}
POST
sdd/classifier/template/{templateName}/clone
PUT
/sdd/template/{templateName}
classifierName
string The name of the pattern to update.
Yes
name
string Unique, request-friendly pattern name.
Yes
displayName
string Unique, human-readable pattern name.
Yes
description
string The pattern description.
Yes
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
Yes
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
Yes
config.tags
array[string] The default resulting tags to apply when the pattern is matched; they must begin with Discovered . .
No
config.regex
string A case-insensitive regular expression to match against column values. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.columnNameRegex
string A case-insensitive regular expression to match against column names. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.values
array[string] The list of words included in the dictionary to match against column values. The pattern must have regex, columnNameRegex, or values to match to data.
No
config.caseSensitive
boolean Indicates whether or not values are case sensitive. Defaults to false.
No
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the pattern is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
templateName
string The name of the identification framework to clone.
Yes
name
string Unique, request-friendly framework name for the cloned framework.
Yes
displayName
string Unique, human-readable framework name for the cloned framework.
Yes
description
string The cloned framework description.
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
templateName
string The name of the identification framework to update.
Yes
name
string Unique, request-friendly framework name.
Yes
displayName
string Unique, human-readable framework name.
Yes
description
string The framework description.
Yes
classifiers
array The patterns to include in the framework and any additional overrides for those patterns.
Yes
classifiers.name
string The name of the pattern to include in the framework.
Yes
classifiers.overrides
array The overrides to modify the pattern for this framework.
No
classifiers.overrides.tags
array The resulting tags to apply when the pattern is matched. These tags will override the pattern's default tags and must begin with Discovered . .
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
DELETE
/sdd/classifier/{classifierName}
DELETE
/sdd/template/{templateName}
classifierName
string The name of the pattern to delete.
Yes
createdBy
array Includes details about the user who created the pattern, such as their profile id, name, and email.
name
string Unique, request-friendly pattern name.
displayName
string Unique, human-readable pattern name.
description
string The pattern description.
type
string The type of pattern: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the pattern, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the pattern is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the pattern was created.
updatedAt
date When the pattern was last updated.
templateName
string The name of the identification framework to delete.
Yes
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The rules in the framework and any overrides for those rules.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.