Mon, 01 Jan 0001 00:00:00 +0000

Payload Encoding

The following encoding formats are supported in the REST API.

For every encoding, the resultant protected data is returned in the same encoding. For example, if request is hex-encoded, the response is also hex-encoded.

For more information about the encoding formats, refer to the Protection Methods Reference.

Encoding

Supported by data elements

Notes

utf8

All except binary data elements.

Default encoding if encoding is not specified.

Mon, 01 Jan 0001 00:00:00 +0000

Request

Performs a policy operation such as protect, unprotect, or reprotect.

Method

POST
Parameters

dataelementname: (protect/unprotect) Data element to use for the policy operation.

externaliv: (protect/unprotect) Optional, external initialization vector.

newdataelementname: (reprotect) Data element to use for the output.

newexternaliv: (reprotect) Optional, external initialization vector for the output.

olddataelementname: (reprotect) Data element to use for the input.

oldexternaliv: (reprotect) Optional, external initialization vector for the input.

policyusername: User performing the operation.

Mon, 01 Jan 0001 00:00:00 +0000

Request

AWS Lambda service limits maximum size of payload to 6 MB. Client applications of Protegrity Cloud API must ensure their payload size is within this limit. This applies to all types of requests described below.

Performs a policy operation such as protect, unprotect, or reprotect.

URI

/v1/protect or /v1/unprotect or /v1/reprotect
Method

POST
Parameters

data: Input data to the policy operation.

data_element: Data element to use for the policy operation.

Mon, 01 Jan 0001 00:00:00 +0000

ESA Audit Store Configuration

ESA server is required as the recipient of audit logs. Verify the information below to ensure ESA is accessible and configured properly.

ESA server running and accessible on TCP port 9200 (Audit Store) or 24284 (td-agent).
Audit Store service is configured and running on ESA. Applies when audit logs are output to Audit Store directly or through td-agent. For information related to ESA Audit Store configuration, refer to Audit Store Guide.

Mon, 01 Jan 0001 00:00:00 +0000

ESA Version Requirements

The Protector and Log Forwarder functions require a security policy from a compatible ESA version.

The table below shows compatibility between different Protector and ESA versions.

Note

For the latest up-to-date information refer to: Protegrity Compatibility Matrix

Protector Version	ESA Version
Protector Version	8.x	9.0	9.1 & 9.2	10.0
2.x	No	Yes	*	No
3.0.x & 3.1.x	No	No	Yes	No
3.2.x	No	No	Yes	*
4.0.x	No	No	No	Yes

Legend

Mon, 01 Jan 0001 00:00:00 +0000

Security Operation Parameters

The following table describes optional and required security operation parameters.

Parameter

Type

Example

Description

op_type

String

“op_type”:“UNPROTECT” “op_type”:“PROTECT”

Required operation name, can be either UNPROTECT or PROTECT

data_element

String

“data_element”:“TOK_ALPHA”

Required data element name defined in Protegrity Security Policy

external_iv

String

“external_iv”:“abc-123”

Optional external intialization vector, which allows for different tokenized results for the same input data and data element of the same security policy. Refer to the External Initialization Vector (IV) in the Protection Methods Reference for more details.

Mon, 01 Jan 0001 00:00:00 +0000

Cloud Protect on

Payload Encoding

Request

Request

ESA Audit Store Configuration

ESA Version Requirements

Note

Security Operation Parameters