text.redact

Redact secrets from arbitrary text. Deterministic, keyless, pure compute — no data is stored. Pass `text` (up to 256 KB); each detected credential is replaced in-place with a `[redacted:<kind>]` marker (surrounding text is preserved so the result stays greppable), and you get per-kind hit counts. Detects: PEM private-key blocks, JWTs, AWS access-key ids (AKIA/ASIA), GitHub tokens (ghp_/gho_/ghu_/ghs_/ghr_), Stripe keys (sk_/pk_/rk_ live|test), OpenAI keys (sk-…), npm tokens (npm_…), Slack tokens (xox[baprs]-…), Google API keys (AIza…), HTTP Bearer tokens, scheme://user:password@host URL credentials, and generic api_key/secret/token/password assignments. Idempotent. Useful before logging, storing (see store.doc-put redact=true), or sharing agent/tool output.

price
$0.0010 USDC per call
method
POST/api/text/redact
payment
x402 v2 · USDC on Base (EIP-3009) or Solana (SPL transfer)
auth
None. Sign the payment, retry with PAYMENT-SIGNATURE.

Overview

The redact API is a pay-per-call text endpoint built for AI agents and autonomous software. Redact secrets from arbitrary text.

There is no signup and no API key. An agent (or any HTTP client) hits the endpoint, receives an x402 "402 Payment Required" challenge, signs a sub-cent USDC payment on Base or Solana, and retries — the data comes back on the paid request. That makes it a drop-in redact data source for an agent tool-use loop, an MCP host, or a backend that needs text data on demand without onboarding to yet another vendor portal.

Use cases

Parameters

NameTypeDescription
textrequiredstringThe text to scrub. Up to 256 KB.
min 1 chars · max 262144 chars

Code samples

cURLbash
# 1. Probe the endpoint with no auth — receive 402 with PaymentRequirements
curl -sS -X POST 'https://2s.io/api/text/redact' \
  -H 'Content-Type: application/json' \
  -d '{"text":"example"}'

# 2. Sign the EIP-3009 transferWithAuthorization for the advertised price +
#    payTo from the 402 envelope, then retry with PAYMENT-SIGNATURE:
curl -sS -X POST 'https://2s.io/api/text/redact' \
  -H 'Content-Type: application/json' \
  -H 'PAYMENT-SIGNATURE: <base64-json-payload>' \
  -d '{"text":"example"}'

# Or just use the canonical runner — it handles the whole loop:
#   EVM_PRIVATE_KEY=0x... node --env-file=.env.local \
#     --experimental-strip-types scripts/x402-pay.ts \
#     'https://2s.io/api/text/redact'
TypeScript / Node — @2sio/sdktypescript
import { TwoS } from '@2sio/sdk'

const client = new TwoS({
  privateKey: process.env.EVM_PRIVATE_KEY as `0x${string}`,
})

const result = await client.text.redact({
  "text": "example"
})

console.log('endpoint:', result.endpoint)
console.log('cost:', result.costUsd, 'USDC')
console.log('tx:', result.settlement?.txHash)
console.log('data:', result.data)
Python — 2siopython
import os
from twosio import TwoS

client = TwoS(private_key=os.environ["EVM_PRIVATE_KEY"])

result = client.text.redact(text="example")

print("endpoint:", result.endpoint)
print("cost:", result.cost_usd, "USDC")
print("tx:", (result.settlement or {}).get("tx_hash"))
print("data:", result.data)
MCP — Claude Desktop / AgentKit / any MCP hostjson
// 1. Add @2sio/mcp to your MCP host config (Claude Desktop example below).
//    EVM_PRIVATE_KEY funds x402 payments per call.

// claude_desktop_config.json
{
  "mcpServers": {
    "2sio": {
      "command": "npx",
      "args": ["-y", "@2sio/mcp"],
      "env": { "EVM_PRIVATE_KEY": "0x..." }
    }
  }
}

// 2. Once the server is running, agents call this tool via standard MCP:

{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "text.redact",
    "arguments": {
      "text": "example"
    }
  }
}

Response

FieldTypeDescription
okboolean
one of: true
itemsarray
totalintegerTotal matching rows upstream; null when unknown.
sourceobject
Example response datajson
{
  "ok": true,
  "items": [
    {
      "redacted": "example",
      "counts": {
        "pem_private_key": 1,
        "jwt": 1,
        "aws_access_key_id": 1,
        "github_token": 1,
        "stripe_key": 1,
        "openai_key": 1,
        "npm_token": 1,
        "slack_token": 1,
        "google_api_key": 1,
        "bearer_token": 1,
        "url_credentials": 1,
        "secret_assignment": 1
      },
      "totalRedacted": 1
    }
  ],
  "total": 1,
  "source": {
    "provider": "example",
    "url": "example",
    "license": "example"
  }
}

FAQ

Do I need an API key to use the redact API?
No. text.redact is x402-native — there is no signup and no API key. Your client makes the call, receives a 402 with payment requirements, signs a USDC payment, and retries. Funds come from a wallet you control.
How much does the redact API cost?
$0.0010 USDC per call, charged per request. There are no monthly fees, seats, or minimums — you pay only for the calls you make.
Can I try the redact API for free first?
Yes. Add ?trial=1 (or the header X-2s-Trial: 1) to get a free real call per endpoint per hour, so you can verify the response shape before wiring payment.
Which networks and tokens are supported?
USDC on Base (via EIP-3009 transferWithAuthorization) or Solana (SPL transfer), using the open x402 payment protocol.
How do I call text.redact from an AI agent or MCP host?
Use @2sio/sdk (TypeScript), 2sio (Python), or the @2sio/mcp server for any MCP host — each handles the probe → sign → retry loop for you. See the code samples on this page.

Discovery

Related: redact api · text redact api · redact api for ai agents · x402 text api · redact api no api key · pay per call redact api · text api