JSON Sensitive Data Redactor
Redact and mask sensitive data in JSON objects like passwords, API keys, tokens, emails, and personal information. GDPR-compliant data sanitization.
Input
Output
Readme
What is data redaction?
Data redaction is the process of obscuring or removing sensitive information from documents or data structures while preserving the overall format and non-sensitive content. In the context of JSON data, redaction involves replacing or removing specific values at designated paths without altering the structure of the document.
Sensitive data in JSON files can include personal identifiable information (PII) such as names, email addresses, phone numbers, social security numbers, API keys, passwords, credit card numbers, and other confidential information. Proper redaction ensures this data cannot be recovered while maintaining the document's usability for testing, debugging, sharing, or compliance purposes.
Tool description
This tool allows you to redact sensitive data from JSON documents by specifying paths to the values that need to be hidden. You can either replace sensitive values with a custom censor string (like [REDACTED]) or completely remove the keys from the output. The tool validates your JSON input and processes nested objects and arrays using path expressions.
Examples
Input JSON:
{
"user": {
"name": "John Doe",
"email": "john@example.com",
"password": "secret123"
},
"apiKey": "sk-1234567890abcdef"
}Paths to redact:
user.email
user.password
apiKeyOutput (Replace mode with [REDACTED]):
{
"user": {
"name": "John Doe",
"email": "[REDACTED]",
"password": "[REDACTED]"
},
"apiKey": "[REDACTED]"
}Output (Remove keys mode):
{
"user": {
"name": "John Doe"
}
}Redacting array elements:
users[*].ssn
payments[0].cardNumberFeatures
- Custom path expressions — Specify exact paths to sensitive data using dot notation with support for array indexing and wildcards
- Flexible censor values — Replace sensitive data with any custom string like
[REDACTED],***, ornull - Remove mode — Completely remove sensitive keys instead of replacing their values
- Nested object support — Navigate deep into complex JSON structures with unlimited nesting levels
- Real-time processing — See redacted output instantly as you type or modify settings
Path syntax
The tool uses path expressions to locate values in your JSON:
| Syntax | Description | Example |
|---|---|---|
key |
Top-level property | apiKey |
parent.child |
Nested property | user.email |
array[0] |
Specific array index | users[0].name |
array[*] |
All array elements | users[*].password |
Use cases
Sharing logs with developers — When you need to share application logs or API responses with team members or external developers for debugging, redact sensitive user data, authentication tokens, and API keys before sharing.
GDPR and compliance — Prepare data exports that comply with privacy regulations by removing or masking personal identifiable information while retaining the data structure for auditing purposes.
Creating test fixtures — Generate realistic test data from production JSON by redacting actual sensitive values, maintaining the structure and data types for integration testing.
Options explained
| Option | Description |
|---|---|
| Custom paths | Enter one path per line to specify which values to redact. Use dot notation for nested properties and bracket notation for arrays. |
| Censor value | The string that replaces redacted values. Default is [REDACTED] but you can use any text. |
| Mode | Choose between replacing values with the censor string or completely removing the keys from the output. |
Tips
- Use wildcards (
[*]) to redact the same field across all items in an array - When sharing configuration files, redact credentials but keep the structure intact so others understand the expected format
- For complete data removal, use "Remove keys" mode instead of replacement to reduce file size and eliminate any trace of sensitive fields