Documentation Index
Fetch the complete documentation index at: https://docs.nano-gpt.com/llms.txt
Use this file to discover all available pages before exploring further.
PII Redaction
NanoGPT supports optional PII redaction for API and web chat requests. When redaction is enabled, NanoGPT routes the request through Grepture before it reaches the selected model. Grepture masks supported personal information before the model sees the prompt, then restores masked values in the model response when possible.
This is useful when you want to reduce the amount of personal or sensitive data sent to model providers while still getting a useful final answer.
PII redaction is opt-in and costs $0.0005 per redacted request.
How Redaction Works
When redaction is enabled:
- The user sends a request to NanoGPT.
- NanoGPT routes that request through Grepture.
- Grepture detects supported personal information and replaces it with temporary placeholders before the request reaches the model.
- The model processes the redacted prompt.
- Grepture restores masked personal information in the response where possible.
- NanoGPT returns the final response to the user.
Simple flow:
User -> NanoGPT -> Grepture -> Model -> Grepture -> NanoGPT -> User
Supported API Endpoints
PII redaction can be enabled on:
POST /v1/chat/completionsPOST /v1/completionsPOST /v1/responses
Pass any one of these headers with a truthy value:
| Header | Recommended |
|---|
redaction: true | Yes |
redacted: true | No |
piiredaction: true | No |
piiredacted: true | No |
Chat Completions Example
curl https://nano-gpt.com/api/v1/chat/completions \
-H "Authorization: Bearer $NANOGPT_API_KEY" \
-H "Content-Type: application/json" \
-H "redaction: true" \
-d '{
"model": "openai/gpt-5.5",
"messages": [
{
"role": "user",
"content": "Email jane@example.com and tell her the appointment is tomorrow."
}
]
}'
Responses Example
curl https://nano-gpt.com/api/v1/responses \
-H "Authorization: Bearer $NANOGPT_API_KEY" \
-H "Content-Type: application/json" \
-H "redaction: true" \
-d '{
"model": "openai/gpt-5.5",
"input": "Summarize this customer note: John Smith called from 555-123-4567."
}'
Disable For One Request
If redaction is enabled by an account-level or API-key default, a request can opt out with any supported redaction header set to a falsy value:
| Header | Recommended |
|---|
redaction: false | Yes |
redacted: false | No |
piiredaction: false | No |
piiredacted: false | No |
:redaction, redaction remains enabled.
Enable With Model Suffixes
You can also enable redaction by appending a redaction suffix to the model name:
| Suffix |
|---|
:redaction |
:redacted |
:piiredaction |
:piiredacted |
{
"model": "openai/gpt-5.5:redaction",
"messages": [
{
"role": "user",
"content": "My phone number is 555-123-4567. Write a short reminder text."
}
]
}
{
"model": "openai/gpt-5.5:redaction:online",
"messages": [
{
"role": "user",
"content": "Search for updates related to this customer domain: example.com"
}
]
}
Enable In Web Chat
In the NanoGPT web app, users can enable PII redaction from:
Settings > Privacy > PII redaction for chats
API Default Settings
Users can enable redaction by default for API requests from:
Settings > Privacy > PII redaction for API requests
redaction: false.
API keys can also be configured individually from the API key settings modal:
| API key setting | Behavior |
|---|
| Inherit account | Use the account-level API default. |
| Always redact | Redact requests made with this API key unless the request opts out. |
| Never redact | Do not apply the account-level API redaction default to this API key. |
What Gets Redacted
The redaction layer is designed to detect and mask common personal information and sensitive credentials.
Supported PII categories:
| Category | Description |
|---|
| Email | Email addresses |
| Phone | Phone numbers |
| SSN | US Social Security numbers |
| Credit card | Payment card numbers |
| IP address | IPv4 and IPv6-style network addresses |
| Address | Physical addresses |
| Name | Person names |
| Date of birth | Birth dates and DOB-style values |
Secrets And Credentials
NanoGPT also replaces common credential-like values with safe labels. These values are not restored.
Examples of secret categories:
| Category | Behavior |
|---|
| API keys and access tokens | Replaced with a safe label |
| Cloud credentials and session tokens | Replaced with a safe label |
| Webhook URLs | Replaced with a safe label |
| Private key material | Replaced with a safe label |
| Password or secret assignments | Replaced with a safe label |
| Service account identifiers | Replaced with a safe label |
| FTP-style embedded credentials | Replaced with a safe label |
Pricing
PII redaction costs $0.0005 per redacted request.
This charge is added only when redaction is enabled for the request. It is shown as a separate PII redaction add-on in usage details.
The redaction charge is per request, not per token.
Failure Behavior
Redaction is fail-closed. If a request asks for redaction and the redaction layer cannot be used, NanoGPT does not silently retry the request without redaction.
If redaction is enabled but the redaction service is unavailable, the request may fail rather than being sent without redaction. This prevents accidental unredacted fallback behavior.
Limitations
- Redaction is a privacy and safety layer, not a compliance guarantee.
- Detection is best-effort and may not catch every possible form of personal information or secret.
- PII restoration depends on the placeholder appearing in the model response. If the model rewrites, omits, or transforms the placeholder, restoration may not occur exactly as expected.
- Redaction applies to request content that can be processed as text. It should not be treated as pixel-level image redaction, file sanitization, malware scanning, or document de-identification.
- Users should still avoid sending unnecessary personal data or credentials to AI systems.
FAQ
Does redaction change the model I selected?
No. Redaction changes the route the request takes before it reaches the model. It does not change the selected model.
Does redaction work with streaming?
Yes. Redaction is intended to work with streaming responses. The request is still routed through the redaction layer before the model sees it.
Are redacted values restored in the final answer?
For supported personal information categories, yes, where possible. For secrets and credentials, no. Secrets are replaced with safe labels and are not restored.
Can I enable redaction globally for API requests?
Yes. Users can enable an account-level API redaction default in Settings > Privacy. API keys can inherit that default, always redact, or opt out of the account default. Per-request headers and model suffixes are also supported.
Can I opt out if my account or API key has redaction enabled by default?
Yes. Send redaction: false on the request to opt out of account-level or API-key redaction defaults. Model suffixes such as :redaction explicitly enable redaction for that request.
What happens if I use both the header and the model suffix?
Redaction is enabled. There is still only one redaction charge for the request.
Does this mean NanoGPT never sees the original prompt?
No. The user sends the original request to NanoGPT first. Redaction is designed to reduce what reaches the selected model provider by routing the request through Grepture before provider dispatch.
