API v1

Anonymize API

One endpoint. Send an ID scan, get an anonymized PDF back. Use this to integrate AnonID into your KYC flow, tenant onboarding, or mobile app.

Authentication

Every request requires an API key in the X-API-Key header. Create keys under Settings → API keys. Keys are shown once at creation and only their SHA-256 hash is stored.

Endpoint

POST /api/public/v1/anonymize

Request

Response — PDF (default)

Response — JSON envelope

Send format=json (or Accept: application/json) to receive everything in one structured payload:

{
  "document_id": "…uuid…",
  "pdf_base64": "JVBERi0xLjQK…",       // the anonymized PDF, base64-encoded
  "extracted": {                        // null unless extract=1
    "full_name": "JANE DOE",
    "date_of_birth": "1985-04-16",
    "date_of_expiry": "2027-08-30"
  },
  "expired": false                      // null unless extract=1
}

Retries & backoff

The service may return 429 (rate limit or temporary saturation — "Server busy") or 502 / 503 / 504 under load. These are transient and safe to retry. Other 4xx responses (400, 401, 413, 415, 422) are permanent — do not retry.

Example — curl (PDF + extracted headers)

curl -X POST https://anonid.nl/api/public/v1/anonymize \
  -H "X-API-Key: $ANONID_KEY" \
  -F "file=@scan.jpg" \
  -F "purpose=Huurcontract Prinsengracht 42" \
  -F "extract=1" \
  -o anonymized.pdf -D headers.txt

# Then read the extracted fields from headers.txt:
grep -i '^x-extracted-' headers.txt

Example — Node.js (JSON envelope)

import fs from "node:fs/promises";

const blob = new Blob([await fs.readFile("scan.jpg")], { type: "image/jpeg" });
const fd = new FormData();
fd.append("file", blob, "scan.jpg");
fd.append("purpose", "Huurcontract Prinsengracht 42");
fd.append("extract", "1");
fd.append("format", "json");

const res = await fetch("https://anonid.nl/api/public/v1/anonymize", {
  method: "POST",
  headers: { "X-API-Key": process.env.anonid_KEY! },
  body: fd,
});
if (!res.ok) throw new Error(await res.text());

const { document_id, pdf_base64, extracted, expired } = await res.json();
await fs.writeFile("anonymized.pdf", Buffer.from(pdf_base64, "base64"));

console.log("document:", document_id);
console.log("full name:", extracted?.full_name);
console.log("date of birth:", extracted?.date_of_birth);
console.log("date of expiry:", extracted?.date_of_expiry, expired ? "(EXPIRED)" : "");

What gets redacted?

Each request applies your organization's default redaction profile unioned with the country's legally-required minimum (BSN and MRZ for Dutch passports and ID cards). Configure the profile in Settings → Redaction rules.

Watermark

Pass purpose to burn a diagonal red "KOPIE – {purpose}" stamp across every page at ~50% opacity and −30° rotation, repeated three times top-to-bottom. The stamp is normalized to ASCII (WinAnsi-safe) and truncated to 80 characters. It's intended for visual deterrence and audit — it is not cryptographic proof and can be cropped out of a re-scanned print. For tamper-evident distribution, ship the returned PDF together with the X-Document-Id so it can be verified against your AnonID audit log.