Tokenization
Single
Overview
The Single Tokenization API is used to replace sensitive data with a generated token.
The generated token can be stored or processed by the application instead of storing the original sensitive value. This helps reduce exposure of sensitive data in application systems, databases, logs, or downstream services.
Endpoint
POST https://<onedb-hostname>:8443/api/v1/tokenize?singleRequest Headers
Authorization: Bearer {{ONEDB_BEARER}}
Content-Type: application/jsonRequest Body
{
"trxId": 20,
"templateName": "App_Without_Masking",
"data": "4111-2222-3333-4444"
}Request Fields
| Field | Type | Required | Description |
|---|---|---|---|
trxId |
Number | Yes | Unique transaction ID provided by the client application for tracking and audit reference. |
templateName |
String | Yes | Name of the tokenization template configured in OneDB. |
data |
String | Yes | Sensitive data value that will be tokenized. |
Successful Response
{
"trxId": 20,
"success": true,
"token": "3324-1991-5516-0208"
}Successful Response Fields
| Field | Type | Description |
|---|---|---|
trxId |
Number | Transaction ID returned from the request. |
success |
Boolean | Indicates whether the tokenization request was successful. |
token |
String | Generated token value that represents the original sensitive data. |
Failed Response
{
"trxId": 20,
"success": false,
"message": "Invalid template name!"
}Failed Response Fields
| Field | Type | Description |
|---|---|---|
trxId |
Number | Transaction ID returned from the request. |
success |
Boolean | Indicates whether the tokenization request was successful. The value is false when the request fails. |
message |
String | Error message describing why the tokenization request failed. |
Token Usage
The generated token may be stored by the application and used as a replacement value for the original sensitive data.
For example, instead of storing:
4111-2222-3333-4444The application may store:
3324-1991-5516-0208The original value can later be retrieved using the Detokenization API, subject to authorization and policy configuration.
Example Request Using cURL
curl -X POST "https://<onedb-hostname>:8443/api/v1/tokenize?single" \
-H "Authorization: Bearer {{ONEDB_BEARER}}" \
-H "Content-Type: application/json" \
-d '{
"trxId": 20,
"templateName": "App_Without_Masking",
"data": "4111-2222-3333-4444"
}'Notes
- This API requires a valid authentication token.
- The
templateNamemust match an existing tokenization template configured in OneDB. - The
trxIdshould be unique for each request to support tracking and troubleshooting. - The
datafield should contain the original sensitive value that needs to be tokenized. - If the request fails with
Invalid template name!, verify that the template name exists and is active in OneDB. - The generated token should be stored securely and used instead of the original sensitive value whenever possible.
