For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
DocsAPI Reference
  • Fundamentals
    • Home
    • Why Skyflow?
    • Get started with Skyflow
    • Explore what Skyflow can do
    • Authenticate
    • Accounts and environments
    • Deployment models
    • Security best practices
    • Compliance and certifications
    • Get data into Skyflow
    • Platform FAQs
  • Governance
    • Overview
  • Tokenization
    • Overview
  • Connections
    • Overview
  • Processing
  • AI and data sanitization
    • Overview
  • SDKs
    • Overview
  • Elements
    • Collect and reveal data with Skyflow Elements
LogoLogo
Login
Login
On this page
  • Prerequisites
  • Get vault information
  • Authenticate
  • Insert data
  • Get data
  • Next steps
Fundamentals

Get started with Skyflow

Was this page helpful?
Previous

Explore what Skyflow can do

Next
Built with

Managing your data with Skyflow is as simple as making an API call. By the end of this guide, you’ll have used the Data API to insert and retrieve sensitive data from a vault.

Prerequisites

Before you get started,

  • Make sure you have a terminal that can run bash commands.
  • Sign in to your Skyflow account. If you don’t have an account, sign up for a free trial.
The following content uses the Quickstart vault template. Adapt your commands accordingly.

Get vault information

Every account comes with a Quickstart vault. This vault is pre-configured with two tables: credit_cards and persons. Before you can insert data into the vault, you’ll need to gather some information. Alternatively, you can create a vault and gather that vault’s information instead.

  1. In Studio, click vault menu icon > View vault details.
  2. Note your Account ID, Vault ID, and Vault URL values.
  3. Set environment variables for your account, vault, and auth details:
$export ACCOUNT_ID=$ACCOUNT_ID
$export VAULT_ID=$VAULT_ID
$export VAULT_URL=$VAULT_URL

Authenticate

To authenticate API calls, you need a JWT bearer token or an API key. For a short-lived token, use the following process. To generate tokens from service accounts, see Authenticate.

  1. In Studio, click your account icon and choose Generate API Bearer Token.
  2. Click Generate Token. Studio copies the token to your clipboard. The token is valid for 24 hours.
  3. Set an environment variable for your token:
$export TOKEN=$TOKEN

Insert data

When you insert a record, you specify the table name in the URL of the request and the record values in the request body. The request body is a JSON object with a records array. Each object in the records array has a fields object with the record values.

The following command inserts a single record into the credit_cards table:

$curl -s -X POST "$VAULT_URL/v1/vaults/$VAULT_ID/credit_cards" \
>-H "Content-Type: application/json" \
>-H "X-SKYFLOW-ACCOUNT-ID: $ACCOUNT_ID" \
>-H "Authorization: Bearer $TOKEN" \
>-d '{
>    "records": [
>        {
>            "fields": {
>                "card_number": "7483905725643605",
>                "cardholder_name": "Jane Doe",
>                "expiry_month": "08",
>                "expiry_year": "29"
>            }
>        }
>    ],
>    "tokenization": false
>}'

When you insert a record, Skyflow returns the skyflow_id of the record. You can use this ID to retrieve the record later.

1{
2  "records": [
3    {
4      "skyflow_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479"
5    }
6  ]
7}

If you set the tokenization field to true, Skyflow also returns tokens for the inserted record values.

1{
2  "records": [
3    {
4      "skyflow_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
5      "tokens": {
6        "card_number": "b320c8da-0a6e-4e53-9c4a-13d02f0e9a89",
7        "cardholder_name": "3d1b6d0f-7b79-4a8e-8b1c-2b4e5c6d7a8e",
8        "expiry_month": "9a4c55a7-65f9-4b56-8f43-1e9d2f0c3b86",
9        "expiry_year": "b4e58d6c-3a21-4f91-bdc9-87f2a0e4c1d3"
10      }
11    }
12  ]
13}

For insert options and behaviors, see Insert records.

Get data

You can use a record’s skyflow_id to return record data or tokens.

The following command returns values for the specified record.

$curl -s -X GET "$VAULT_URL/v1/vaults/$VAULT_ID/credit_cards/$SKYFLOW_ID" \
>-H "X-SKYFLOW-ACCOUNT-ID: $ACCOUNT_ID" \
>-H "Authorization: Bearer $TOKEN"

By default, the response includes data for all columns. Data is redacted according to the vault schema and the access policies assigned to the role making the API call.

1{
2  "fields": {
3    "card_number": "XXXXXXXXXXXX3605",
4    "cardholder_name": "*REDACTED*",
5    "expiry_month": "12",
6    "expiry_year": "29",
7    "skyflow_id": "e54ac2c6-83ba-4839-8668-e69d66172fa2"
8  }
9}

To return tokens instead of data, add the tokenization URL parameter and set it to true.

$curl -s -X GET "$VAULT_URL/v1/vaults/$VAULT_ID/credit_cards/$SKYFLOW_ID?tokenization=true" \
>-H "X-SKYFLOW-ACCOUNT-ID: $ACCOUNT_ID" \
>-H "Authorization: Bearer $TOKEN"

The response includes tokens for all columns that have been tokenized.

1{
2  "fields": {
3    "card_number": "5099-5623-3881-2592",
4    "cardholder_name": "c46288f6-00f1-4721-8bc4-6f6f2dd4e31e",
5    "expiry_month": "2d5f346d-92a7-4a34-9323-7f78e397bc8b",
6    "expiry_year": "c2db130e-fac8-4864-806a-6ab03d1be58b"
7  }
8}

For retrieval options and behaviors, see Get Record by ID.

Next steps

Now that you can insert and get records, you’re ready to start exploring more of what Skyflow has to offer.

Explore Skyflow
Explore Skyflow

See what Skyflow can do with Studio and the APIs..

Access controls
Access controls

Control who can access data and what they can do with it..

Tokenization
Tokenization

Swap sensitive data for non-sensitive tokens..

Data API
Data API

Programmatically store and manage your sensitive data..