Sensitive data discovery (SDD) API reference guide
To run this identifier against your data, ensure it is added to a framework.
POST /sdd/classifier
Create an identifier.
| Attribute | Description | Required |
|---|---|---|
The following request creates an identifier, saved in example-payload.json.
POST /sdd/template
Create an identification framework.
The following request creates an identification framework that contains 2 identifiers, saved in example-payload.json.
GET /sdd/classifier
List or search identifiers.
The following request lists 5 identifiers.
GET /sdd/template
List or search identification frameworks.
The following request lists all identification frameworks.
GET /sdd/classifier/{classifierName}
Get an identifier by name.
This request gets the identifier named MY_REGEX_IDENTIFIER.
GET /sdd/template/{templateName}
Get an identification framework by name.
This request gets the identification framework named MY_FIRST_FRAMEWORK.
GET /sdd/template/global
View the current global framework.
This request gets the current global framework information.
PUT /sdd/template/apply
Apply an identification framework to a set of data sources.
This request applies the MY_FIRST_FRAMEWORK framework to the Public Case data source.
POST /sdd/run
Run SDD on specified data sources.
This request runs SDD on the data source Public Case.
This request runs SDD on all your data sources.
This request runs SDD on the Medical Claims data source with the PII_REVISION framework, but will not tag any columns if matches are found.
PUT /sdd/classifier/{classifierName}
Update an identifier. Partial updates are not supported.
The following request updates the name and description of the MY_REGEX_IDENTIFIER identifier.
Payload example
POST /sdd/template/{templateName}/clone
Clone an identification framework.
This request clones the MY_FIRST_FRAMEWORK identification framework.
Payload example
PUT /sdd/template/{templateName}
Update an identification framework.
The following request updates the name of, description of, and identifiers in the MY_FIRST_FRAMEWORK identification framework.
Payload example
DELETE /sdd/classifier/{classifierName}
Delete an identifier.
The following request deletes the REGULAR_EXPRESSION identifier.
DELETE /sdd/template/{templateName}
Delete an identification framework.
The following request deletes the HEALTH_DATA identification framework.
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Method | Path | Purpose |
|---|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
| Attribute | Description | Required |
|---|---|---|
| Attribute | Description |
|---|---|
name
string Unique, request-friendly identifier name. Must be uppercase letters or numbers.
Yes
displayName
string Unique, human-readable identifier name.
Yes
description
string The identifier description.
Yes
type
string The type of identifier: regex, dictionary, columnNameRegex, or builtIn.
Yes
config
object The configuration of the identifier, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags. The config object must include one of the following: config.regex, config.columnNameRegex, or config.values.
Yes
config.tags
array[string] The default resulting tags to apply when the identifier is matched; they must begin with Discovered . .
No
config.regex
string A case-insensitive regular expression to match against column values.
No
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
No
config.values
array[string] The list of words included in the dictionary to match against column values.
No
config.caseSensitive
boolean Indicates whether or not values are case sensitive. Defaults to false.
No
config.minConfidence
integer Apply tags when the identifier match is at least this percentage. Not supported for native SDD. Must be between 0 and 1.
Yes
createdBy
array Includes details about the user who created the identifier, such as their profile id, name, and email.
name
string Unique, request-friendly identifier name.
displayName
string Unique, human-readable identifier name.
description
string The identifier description.
type
string The type of identifier: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the identifier, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the identifier is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
config.minConfidence
integer Apply tags when the identifier match is at least this percentage. Not supported for native SDD.
createdAt
date When the identifier was created.
updatedAt
date When the identifier was last updated.
name
string Unique, request-friendly framework name. Must be uppercase letters or numbers.
Yes
displayName
string Unique, human-readable framework name.
Yes
description
string The framework description.
Yes
classifiers
array The identifiers to include in the framework and any additional overrides for those identifiers.
Yes
classifiers.name
string The name of the identifier to include in the framework.
Yes
classifiers.overrides
array The overrides to modify the identifier for this framework.
No
classifiers.overrides.tags
array The resulting tags to apply when the identifier is matched. These tags will override the identifier's default tags and must begin with Discovered . .
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The identifiers in the framework and any overrides for those identifiers.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
GET
sdd/classifier
GET
sdd/template
GET
sdd/classifier/{classifierName}
GET
sdd/template/{templateName}
GET
sdd/template/global
sortField
string The field to sort the search results: id, name, displayName, type, createdAt, or updatedAt.
No
sortOrder
string Denotes whether to sort the results in ascending (asc) or descending (desc) order. Default is asc.
No
offSet
integer Use in combination with limit to fetch pages.
No
limit
integer Limits the number of results displayed per page.
No
type
array[string] Searches based on identifier type: regex, dictionary, builtIn, or columnNameRegex.
No
searchText
string A partial, case-insensitive search on name.
No
count
integer The number of identifiers found matching the search criteria.
createdBy
array Includes details about the user who created the identifier, such as their profile id, name, and email.
name
string Unique, request-friendly identifier name.
displayName
string Unique, human-readable identifier name.
description
string The identifier description.
type
string The type of identifier: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the identifier, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply when the identifier is matched.
config.columnNameRegex
string A case-insensitive regular expression to optionally match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the identifier was created.
updatedAt
date When the identifier was last updated.
sortField
string The field to sort the search results: id, name, displayName, type, createdAt, or updatedAt.
No
sortOrder
string Denotes whether to sort the results in ascending (asc) or descending (desc) order. Default is asc.
No
offSet
integer Use in combination with limit to fetch pages.
No
limit
integer Limits the number of results displayed per page.
No
classifiers
array[string] Filters framework results to those containing the specified identifiers.
No
searchText
string A partial, case-insensitive search on the framework name.
No
count
integer The number of identification frameworks found matching the search criteria.
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The identifiers in the framework and any overrides for those identifiers.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
classifierName
string The name of the identifier.
Yes
id
integer The unique ID of the identifier.
createdBy
array Includes details about the user who created the identifier, such as their profile id, name, and email.
name
string Unique, request-friendly identifier name.
displayName
string Unique, human-readable identifier name.
description
string The identifier description.
type
string The type of identifier: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the identifier, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The name of the resulting tags to apply to the data source.
config.columnNameRegex
string A case-insensitive regular expression to optionally match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the identifier was created.
updatedAt
date When the identifier was last updated.
templateName
string The name of the identification framework.
Yes
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The identifiers in the framework and any overrides for those identifiers.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
id
integer The unique ID of the framework.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The identifiers in the framework and any overrides for those identifiers.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
template
string The name of the identification framework to apply to the data sources. null to clear current framework, and the data source will use the global framework.
Yes
sources
string The name of the data sources to apply the framework to.
Yes
success
boolean When true, the request was successful.
sources
string The name of the data sources to apply the identification framework to.
Yes
all
boolean If true, SDD will run on all Immuta data sources.
No
wait
integer The number of seconds to wait for the SDD jobs to finish. The value -1 will wait until the jobs complete. Default is -1.
No
dryRun
boolean When true, SDD will not update the tags on the data source(s). Instead of applying tags, SDD returns the tags that would be applied to the data source. This allows users to evaluate whether or not identifiers or frameworks are applying tags correctly without updating the data source. Default is false.
No
template
string If passed, Immuta will run SDD with this framework instead of the applied framework on the data source(s). Passing template when dryRun is false will cause an error.
No
id
string The unique identifier of the job.
state
string The job state. Statuses include created, retry, active, completed, expired, cancelled, or failed.
output
array[string] Information about the tags applied on the data source, including diff (added and removed tags) and the current state of allTags on all columns in the data sources.
PUT
/sdd/classifier/{classifierName}
POST
sdd/classifier/template/{templateName}/clone
PUT
/sdd/template/{templateName}
classifierName
string The name of the identifier to update.
Yes
name
string Unique, request-friendly identifier name. Must be uppercase letters or numbers.
Yes
displayName
string Unique, human-readable identifier name.
Yes
description
string The identifier description.
Yes
type
string The type of identifier: regex, dictionary, columnNameRegex, or builtIn.
Yes
config
object The configuration of the identifier, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags. The config object must contain one of the following: config.regex, config.columnNameRegex, or config.values.
Yes
config.tags
array[string] The default resulting tags to apply when the identifier is matched; they must begin with Discovered . .
No
config.regex
string A case-insensitive regular expression to match against column values.
No
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
No
config.values
array[string] The list of words included in the dictionary to match against column values.
No
config.caseSensitive
boolean Indicates whether or not values are case sensitive. Defaults to false.
No
config.minConfidence
integer Apply tags when the identifier match is at least this percentage. Not supported for native SDD. Must be between 0 and 1.
Yes
createdBy
array Includes details about the user who created the identifier, such as their profile id, name, and email.
name
string Unique, request-friendly identifier name.
displayName
string Unique, human-readable identifier name.
description
string The identifier description.
type
string The type of identifier: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the identifier, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the identifier is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the identifier was created.
updatedAt
date When the identifier was last updated.
templateName
string The name of the identification framework to clone.
Yes
name
string Unique, request-friendly framework name for the cloned framework.
Yes
displayName
string Unique, human-readable framework name for the cloned framework.
Yes
description
string The cloned framework description.
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The identifiers in the framework and any overrides for those identifiers.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
templateName
string The name of the identification framework to update.
Yes
name
string Unique, request-friendly framework name. Must be uppercase letters or numbers.
Yes
displayName
string Unique, human-readable framework name.
Yes
description
string The framework description.
Yes
classifiers
array The identifiers to include in the framework and any additional overrides for those identifiers.
Yes
classifiers.name
string The name of the identifier to include in the framework.
Yes
classifiers.overrides
array The overrides to modify the identifier for this framework.
No
classifiers.overrides.tags
array The resulting tags to apply when the identifier is matched. These tags will override the identifier's default tags and must begin with Discovered . .
No
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The identifiers in the framework and any overrides for those identifiers.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.
DELETE
/sdd/classifier/{classifierName}
DELETE
/sdd/template/{templateName}
classifierName
string The name of the identifier to delete.
Yes
createdBy
array Includes details about the user who created the identifier, such as their profile id, name, and email.
name
string Unique, request-friendly identifier name.
displayName
string Unique, human-readable identifier name.
description
string The identifier description.
type
string The type of identifier: regex, dictionary, columnNameRegex, or builtIn.
config
object The configuration of the identifier, which includes config.values, config.caseSensitive, config.regex, config.columnNameRegex, and config.tags.
config.tags
array[string] The default resulting tags to apply to the data source when the identifier is matched.
config.columnNameRegex
string A case-insensitive regular expression to match against column names.
config.regex
string A case-insensitive regular expression to match against column values.
config.values
array[string] The list of words included in the dictionary to match against column values.
config.caseSensitive
boolean Indicates whether or not values are case sensitive.
createdAt
date When the identifier was created.
updatedAt
date When the identifier was last updated.
templateName
string The name of the identification framework to delete.
Yes
id
integer The unique ID of the framework.
createdBy
array Includes details about the user who created the framework, such as their profile id, name, and email.
name
string Unique, request-friendly framework name.
displayName
string Unique, human-readable framework name.
description
string The framework description.
classifiers
array The identifiers in the framework and any overrides for those identifiers.
createdAt
date When the framework was created.
updatedAt
date When the framework was last updated.