Creating Data Types
Create custom data types for detecting proprietary or organization-specific sensitive data patterns.
Endpoint
Creates a new custom data type with regex patterns or group configuration.
Authentication
Requires API Key with Admin permission.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
type |
string | Yes | Unique type identifier - must be UPPERCASE with underscores (e.g., EMPLOYEE_ID, API_KEY) |
name |
string | Yes | Display name (1-100 chars) |
description |
string | No | Description (0-128 chars) |
disabled |
boolean | No | Whether type is disabled (default: false) |
isGroupDataType |
boolean | Yes | true for group types, false for regex types |
regexes |
array | Conditional | Required if isGroupDataType is false |
dataTypes |
string[] | Conditional | Required if isGroupDataType is true (UUIDs of member types) |
Naming Convention: The type field must use UPPERCASE letters with underscores for word separation (e.g., EMPLOYEE_ID, CREDIT_CARD, API_TOKEN). This identifier is used in API URLs and must be unique across all data types.
Regex Object Fields
| Field | Type | Description |
|---|---|---|
regex |
string | Regular expression pattern |
json |
string | Optional JSON-specific pattern |
html |
string | Optional HTML-specific pattern |
valueGroupIndex |
integer | Capture group index for extracted value (0 = full match) |
Response
Returns the created data type object with an id field:
Response Format
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"type": "EMPLOYEE_ID",
"name": "Employee ID",
"description": "Company employee identifier format",
"disabled": false,
"isGroupDataType": false,
"isBuiltIn": false,
"regexes": [
{
"regex": "EMP-[0-9]{6}",
"json": "",
"html": "",
"valueGroupIndex": 0
}
],
"createdAt": 1704067200,
"updatedAt": 1704067200
}
Examples
Create Regex Data Type for API Keys
Create a custom regex-based data type to detect API keys.
curl -X POST "https://your-shield-host:8080/api/datatypes" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"type": "API_KEY",
"name": "API Key",
"description": "Internal API key format",
"disabled": false,
"isGroupDataType": false,
"regexes": [
{
"regex": "sk_live_[A-Za-z0-9]{24}",
"json": "",
"html": "",
"valueGroupIndex": 0
}
]
}'
import requests
BASE_URL = "https://your-shield-host:8080"
HEADERS = {"Authorization": "Bearer YOUR_API_KEY"}
datatype = {
"type": "API_KEY",
"name": "API Key",
"description": "Internal API key format",
"disabled": False,
"isGroupDataType": False,
"regexes": [
{
"regex": "sk_live_[A-Za-z0-9]{24}",
"json": "",
"html": "",
"valueGroupIndex": 0
}
]
}
response = requests.post(f"{BASE_URL}/api/datatypes", headers=HEADERS, json=datatype)
print(f"Created data type: {response.json()['id']}")
const axios = require('axios');
const BASE_URL = 'https://your-shield-host:8080';
const HEADERS = { 'Authorization': 'Bearer YOUR_API_KEY' };
const datatype = {
type: 'api_key',
name: 'API Key',
description: 'Internal API key format',
disabled: false,
isGroupDataType: false,
regexes: [
{
regex: 'sk_live_[A-Za-z0-9]{24}',
json: '',
html: '',
valueGroupIndex: 0
}
]
};
const response = await axios.post(`${BASE_URL}/api/datatypes`, datatype, { headers: HEADERS });
console.log(`Created data type: ${response.data.id}`);
Create Group Data Type
Create a group that combines multiple data types into one logical unit.
# First, get UUIDs of existing types
DATATYPES=$(curl -s -X GET "https://your-shield-host:8080/api/datatypes" \
-H "Authorization: Bearer YOUR_API_KEY")
# Extract IDs (replace with actual jq queries for your types)
CC_ID=$(echo $DATATYPES | jq -r '.items[] | select(.type=="credit_card") | .id')
BANK_ID=$(echo $DATATYPES | jq -r '.items[] | select(.type=="bank_account") | .id')
# Create group
curl -X POST "https://your-shield-host:8080/api/datatypes" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d "{
\"type\": \"financial_pii\",
\"name\": \"Financial PII\",
\"description\": \"All financial sensitive data\",
\"isGroupDataType\": true,
\"dataTypes\": [\"$CC_ID\", \"$BANK_ID\"]
}"
import requests
BASE_URL = "https://your-shield-host:8080"
HEADERS = {"Authorization": "Bearer YOUR_API_KEY"}
# First, get UUIDs of existing types
response = requests.get(f"{BASE_URL}/api/datatypes", headers=HEADERS)
types = {t["type"]: t["id"] for t in response.json()["items"]}
# Create group
group = {
"type": "financial_pii",
"name": "Financial PII",
"description": "All financial sensitive data",
"isGroupDataType": True,
"dataTypes": [
types["credit_card"],
types["bank_account"]
]
}
response = requests.post(f"{BASE_URL}/api/datatypes", headers=HEADERS, json=group)
print(f"Created group: {response.json()['id']}")
const axios = require('axios');
const BASE_URL = 'https://your-shield-host:8080';
const HEADERS = { 'Authorization': 'Bearer YOUR_API_KEY' };
// First, get UUIDs of existing types
const response = await axios.get(`${BASE_URL}/api/datatypes`, { headers: HEADERS });
const types = response.data.items.reduce((acc, t) => {
acc[t.type] = t.id;
return acc;
}, {});
// Create group
const group = {
type: 'financial_pii',
name: 'Financial PII',
description: 'All financial sensitive data',
isGroupDataType: true,
dataTypes: [
types['credit_card'],
types['bank_account']
]
};
const groupResponse = await axios.post(`${BASE_URL}/api/datatypes`, group, { headers: HEADERS });
console.log(`Created group: ${groupResponse.data.id}`);
JSON-Specific Pattern (JSON Query)
Detect SSN fields in JSON using a JSON query definition. The json field uses a custom query language, not JSONPath.
curl -X POST "https://your-shield-host:8080/api/datatypes" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"type": "SSN_JSON",
"name": "SSN in JSON",
"description": "Detect SSN fields in JSON content",
"isGroupDataType": false,
"regexes": [
{
"json": "{\"Search\":{\"Key\":{\"Regex\":\"(?i)ssn|social\"},\"Value\":{\"String\":{\"Regex\":\"\\\\d{3}-\\\\d{2}-\\\\d{4}\"}}}}",
"valueGroupIndex": 0
}
]
}'
import requests
import json
BASE_URL = "https://your-shield-host:8080"
HEADERS = {"Authorization": "Bearer YOUR_API_KEY"}
# JSON query definition: Search keys like "ssn" or "social"
json_query = {
"Search": {
"Key": {"Regex": "(?i)ssn|social"},
}
}
datatype = {
"type": "SSN_JSON",
"name": "SSN in JSON",
"description": "Detect SSN fields in JSON content",
"isGroupDataType": False,
"regexes": [
{
"json": json.dumps(json_query),
"valueGroupIndex": 0
}
]
}
response = requests.post(f"{BASE_URL}/api/datatypes", headers=HEADERS, json=datatype)
print(f"Created data type: {response.json()['id']}")
const axios = require('axios');
const BASE_URL = 'https://your-shield-host:8080';
const HEADERS = { 'Authorization': 'Bearer YOUR_API_KEY' };
// JSON query definition: Search keys like "ssn" or "social"
const jsonQuery = {
Search: {
Key: { Regex: '(?i)ssn|social' },
}
};
const datatype = {
type: 'SSN_JSON',
name: 'SSN in JSON',
description: 'Detect SSN fields in JSON content',
isGroupDataType: false,
regexes: [
{
json: JSON.stringify(jsonQuery),
valueGroupIndex: 0
}
]
};
const response = await axios.post(`${BASE_URL}/api/datatypes`, datatype, { headers: HEADERS });
console.log(`Created data type: ${response.data.id}`);
HTML-Specific Pattern (XPath)
Detect email addresses in HTML anchor href attributes using XPath. The html field is an XPath expression, not regex.
curl -X POST "https://your-shield-host:8080/api/datatypes" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"type": "EMAIL_HTML",
"name": "Email in HTML Links",
"description": "Detect email addresses in href attributes",
"isGroupDataType": false,
"regexes": [
{
"html": "//a/@href",
"valueGroupIndex": 0
}
]
}'
import requests
BASE_URL = "https://your-shield-host:8080"
HEADERS = {"Authorization": "Bearer YOUR_API_KEY"}
datatype = {
"type": "EMAIL_HTML",
"name": "Email in HTML Links",
"description": "Detect email addresses in href attributes",
"isGroupDataType": False,
"regexes": [
{
"html": "//a/@href", # XPath: all href attributes in anchor tags
"valueGroupIndex": 0
}
]
}
response = requests.post(f"{BASE_URL}/api/datatypes", headers=HEADERS, json=datatype)
print(f"Created data type: {response.json()['id']}")
const axios = require('axios');
const BASE_URL = 'https://your-shield-host:8080';
const HEADERS = { 'Authorization': 'Bearer YOUR_API_KEY' };
const datatype = {
type: 'EMAIL_HTML',
name: 'Email in HTML Links',
description: 'Detect email addresses in href attributes',
isGroupDataType: false,
regexes: [
{
html: '//a/@href', // XPath: all href attributes in anchor tags
valueGroupIndex: 0
}
]
};
const response = await axios.post(`${BASE_URL}/api/datatypes`, datatype, { headers: HEADERS });
console.log(`Created data type: ${response.data.id}`);
Multi-Format Detection (Separate Rules)
Detect the same pattern across multiple content types using separate regex rule objects.
curl -X POST "https://your-shield-host:8080/api/datatypes" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"type": "API_TOKEN",
"name": "API Token",
"description": "Detect API tokens in any content type",
"isGroupDataType": false,
"regexes": [
{
"regex": "sk_live_[A-Za-z0-9]{24}",
"valueGroupIndex": 0
},
{
"json": "{\"Search\":{\"String\":{\"Regex\":\"sk_live_[A-Za-z0-9]{24}\"}}}",
"valueGroupIndex": 0
},
{
"html": "//code",
"valueGroupIndex": 0
}
]
}'
import requests
import json
BASE_URL = "https://your-shield-host:8080"
HEADERS = {"Authorization": "Bearer YOUR_API_KEY"}
datatype = {
"type": "API_TOKEN",
"name": "API Token",
"description": "Detect API tokens in any content type",
"isGroupDataType": False,
"regexes": [
# Rule 1: Plain text detection
{
"regex": "sk_live_[A-Za-z0-9]{24}",
"valueGroupIndex": 0
},
# Rule 2: JSON-specific detection
{
"json": json.dumps({
"Datatype": None,
"Search": {"String": {"Regex": "sk_live_[A-Za-z0-9]{24}"}}
}),
"valueGroupIndex": 0
},
# Rule 3: HTML-specific detection (in <code> tags)
{
"html": "//code", # XPath: all <code> elements
"valueGroupIndex": 0
}
]
}
response = requests.post(f"{BASE_URL}/api/datatypes", headers=HEADERS, json=datatype)
print(f"Created data type: {response.json()['id']}")
const axios = require('axios');
const BASE_URL = 'https://your-shield-host:8080';
const HEADERS = { 'Authorization': 'Bearer YOUR_API_KEY' };
const datatype = {
type: 'API_TOKEN',
name: 'API Token',
description: 'Detect API tokens in any content type',
isGroupDataType: false,
regexes: [
// Rule 1: Plain text detection
{
regex: 'sk_live_[A-Za-z0-9]{24}',
valueGroupIndex: 0
},
// Rule 2: JSON-specific detection
{
json: JSON.stringify({
Datatype: null,
Search: { String: { Regex: 'sk_live_[A-Za-z0-9]{24}' } }
}),
valueGroupIndex: 0
},
// Rule 3: HTML-specific detection (in <code> tags)
{
html: '//code', // XPath: all <code> elements
valueGroupIndex: 0
}
]
};
const response = await axios.post(`${BASE_URL}/api/datatypes`, datatype, { headers: HEADERS });
console.log(`Created data type: ${response.data.id}`);
Error Responses
| Status Code | Description | Solution |
|---|---|---|
400 |
Invalid request body | Check field validation requirements |
401 |
Invalid or expired API key | Verify authentication |
403 |
Insufficient permissions | Key needs Admin permission |
409 |
Data type identifier already exists | Use a unique type identifier |
Related Topics
- List Data Types - Query all data types
- Update Data Types - Modify existing data types
- Regex Guidelines - Best practices for regex patterns
- Obfuscations API - Configure masking for these types