Skip to main content

Virtual APIs

One source of truth. Many governed views. A Virtual API is a governed view of an existing dataset. Instead of cloning data or building custom pipelines for each consumer, you define a declarative spec that applies redaction, tokenization, and transformations at the field level — automatically, per route.

How it works

  1. Enroll your data source (REST API today, data lakes coming soon)
  2. Define your spec — object definitions, filters, and access controls
  3. Publish — your Virtual API is instantly available
  4. Monitor — observe usage and schema changes over time

Basic configuration

A Virtual API spec defines which fields to protect, organized by the API objects (route segments) they apply to: 
objects:
  customers:
    filters:
      - target: 'ssn'
        filterType: REDACT
      - target: 'date_of_birth'
        filterType: REDACT
      - target: 'email'
        filterType: TOKENIZE_ANONYMOUS
This spec redacts ssn and date_of_birth and anonymizes email for any request matching the customers route — such as /api/customers or /api/customers/456.

Object definitions and route matching

Each key under objects is a named object definition that matches against URL path segments. DataHarbor matches the object name to the last (or second-to-last) segment of the request path. 
objects:
  addresses:
    filters:
      - target: 'name'
        filterType: REDACT
  users:
    filters:
      - target: 'metadata.tag'
        filterType: REDACT
Request pathMatched object
/v1/addressesaddresses
/v1/addresses/1addresses
/api/users/123users

Targeting nested and array fields

Target nested fields using dot notation, and array items using [arrayName] syntax: 
objects:
  orders:
    filters:
      - target: 'name'
        filterType: REDACT
      - target: '[addresses].name'
        filterType: REDACT
      - target: '[addresses].city'
        filterType: REDACT
This redacts the top-level name, plus the name and city fields inside every item in the addresses array — all within a single object definition. For nested objects, use dot notation: 
filters:
  - target: 'metadata.tag'
    filterType: REDACT
  - target: 'metadata.viewCount'
    filterType: REDACT

Multiple views from one source

One enrolled API can power many governed views, each with different filter configurations: 
# Partner View — redact identifiers
objects:
  customers:
    filters:
      - target: 'ssn'
        filterType: REDACT
      - target: 'date_of_birth'
        filterType: REDACT
      - target: 'email'
        filterType: REDACT

# Analytics View — tokenize for correlation
objects:
  customers:
    filters:
      - target: 'email'
        filterType: TOKENIZE
      - target: 'phone'
        filterType: TOKENIZE
      - target: 'ssn'
        filterType: REDACT

# AI Training View — anonymize for model training
objects:
  customers:
    filters:
      - target: '[addresses].name'
        filterType: REDACT
      - target: 'metadata.viewCount'
        filterType: TOKENIZE_ANONYMOUS
No duplicated data. No cloned APIs.

The _default object

_default is an optional catch-all that applies when no named object matches the request route: 
objects:
  addresses:
    filters:
      - target: 'name'
        filterType: REDACT
  _default:
    filters:
      - target: 'description'
        filterType: REDACT
Precedence: When a request matches a named object (e.g., addresses), only that object’s filters apply. When no named object matches, _default filters apply.

Spec options

OptionDefaultDescription
failOnUnmatchedObjectfalseReject requests that don’t match any defined object
useStrictNameMatchingtrueWhen false, match field names case-insensitively
failOnUnmatchedObject: true
objects:
  addresses:
    filters:
      - target: 'name'
        filterType: REDACT

Versioning

Every change to a Virtual API creates a new version. You can:
  • View the full version history
  • Compare configurations between versions
  • Roll back to a previous version
  • Audit which version was active at any point in time

Lifecycle

StateDescription
ActiveLive and accepting requests
ExpiredPast expiration date, no longer accepting requests
InactiveManually disabled, instant shutdown

Next steps

Data Control

Redaction, tokenization, anonymization

Access Control

Geo restrictions, expiration, revocation