> ## Documentation Index
> Fetch the complete documentation index at: https://docs.llmrouter.app/llms.txt
> Use this file to discover all available pages before exploring further.

# Zero-Trust Data Redaction

> Automatically detect and mask sensitive PII (Personally Identifiable Information) and proprietary keywords before your prompts ever leave your infrastructure.

***

When users interact with AI applications (especially coding assistants or customer support bots), they frequently—and accidentally—paste sensitive information into the chat.

A developer might paste a production database connection string containing a password. A customer might paste their credit card number or SSN into a support ticket. Sending this raw data to third-party LLM providers (like OpenAI or Anthropic) creates massive security and compliance risks (GDPR, HIPAA, SOC2).

LLM Router’s **Zero-Trust Data Redaction** solves this. It scans every incoming prompt in milliseconds and automatically masks sensitive data *before* the request is forwarded to the upstream AI provider.

## How Redaction Works

LLM Router uses a combination of high-speed Regex patterns and localized entity recognition to detect sensitive data formats.

When a match is found, the sensitive string is replaced with a safe placeholder token (e.g., `c****t@g****l.com` or `44** **** **** ***9`). The AI model processes the safe placeholder, understands the context perfectly, and returns an answer without ever seeing the raw data.

***

## Configuration

You configure exactly which types of data you want to mask inside the `gateway.redact` object.

```typescript node.js theme={null}
import OpenAI from "openai";

const client = new OpenAI({
  baseURL: "https://api.llmrouter.app/v1",
  apiKey: process.env.LLM_ROUTER_API_KEY,
});

async function main() {
  const response = await client.chat.completions.create({
    model: "claude-3-5-sonnet", // Or leave blank if using Tags
    messages: [
      {
        role: "user",
        content:
          "Debug my database connection: postgres://admin:superSecret99!@db.aws.com:5432. Also, my email is john.doe@company.com and my secret project is Project Apollo.",
      },
    ],

    // @ts-expect-error - Custom LLM Router extension
    gateway: {
      redact: {
        // Toggle specific PII detectors
        email: true,
        token: true, // Detects passwords, API keys, JWTs

        // Hide proprietary company terms
        custom: ["Project Apollo", "AcmeCorp Internal API"],
      },
    },
  });

  console.log(response.choices[0].message.content);
}
main();
```

### Visualizing the Redaction

**What you sent to LLM Router:**

> "Debug my database connection: `postgres://admin:superSecret99!@db.aws.com:5432`. Also, my email is `john.doe@company.com` and my secret project is `Project Apollo`."

**What LLM Router sent to Anthropic:**

> "Debug my database connection: `postgres://admin:*****@d****om:5432`. Also, my email is `jo****oe@co****ny.com` and my secret project is `****`."

*The AI can successfully debug the database structure without ever seeing the actual password, email, or your company's secret project name.*

***

## Configuration Properties

You can toggle individual detectors based on your specific compliance needs. All properties are optional booleans (`true` to enable redaction, `false` to disable).

### The `redact` Object

| Property      | Type      | Description                                                                                                                                     |
| :------------ | :-------- | :---------------------------------------------------------------------------------------------------------------------------------------------- |
| `email`       | `boolean` | Detects standard email addresses (e.g., `user@domain.com`).                                                                                     |
| `phone`       | `boolean` | Detects international and domestic phone numbers.                                                                                               |
| `ip`          | `boolean` | Detects IPv4 and IPv6 addresses.                                                                                                                |
| `uuid`        | `boolean` | Detects standard UUID strings (often used as internal system IDs).                                                                              |
| `token`       | `boolean` | **Highly Recommended:** Aggressively detects API Keys (OpenAI, AWS, Stripe), JWTs, Bearer tokens, and passwords embedded in connection strings. |
| `credit_card` | `boolean` | Detects major credit card formats (Visa, Mastercard, Amex).                                                                                     |
| `iban`        | `boolean` | Detects International Bank Account Numbers.                                                                                                     |
| `ssn`         | `boolean` | Detects US Social Security Numbers.                                                                                                             |
| `mac`         | `boolean` | Detects MAC addresses.                                                                                                                          |

### Custom Keyword Redaction

| Property | Type       | Description                                                                                                                                                                                      |
| :------- | :--------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `custom` | `string[]` | An array of exact strings to aggressively redact. Perfect for hiding proprietary code names, internal employee names, or specific competitor names you don't want leaking into AI training data. |

<Card title="Zero Data Retention Guarantee" icon="lock" color="#10b981">
  Even if you choose not to enable redaction, LLM Router operates on a strict
  **Zero Data Retention** architecture. We process your prompts in ephemeral
  memory to route them, and we **never store your prompt data** in our
  databases.
</Card>
