Masking Errors & Limits

All error responses, HTTP status codes, and payload limits for Protecto Masking APIs.

All Masking APIs (Mask with Token, Mask with Format, Identify and Mask, Mask with Policy, Mask with Attributes) share the same error format and limits.

Error response format

All masking errors return a consistent structure:

{
  "data": null,
  "success": false,
  "error": {
    "message": "Payload is empty"
  }
}

Field	Type	Description
`success`	boolean	Always `false` for errors
`data`	null	Always `null` for errors
`error.message`	string	Human-readable error description

Error messages by category

HTTP status	Error message	When it occurs
400	`Payload is empty`	Request body is empty or `mask` array is empty
400	`mask data missing`	The `mask` key is missing from the request body
400	`Missing value`	One or more `mask[].value` fields are empty
400	`Missing token_name`	The `token_name` field is empty or not provided

Limits

Constraint	Value
Maximum masked output length	600 characters
Trial token creation limit	1,000 masked values
Rate limits	Plan-based (enforced on all tiers)

The 600-character limit applies to the masked output, not just the input. Split large inputs into smaller values before masking.

Retry behavior

HTTP status	Scenario	Recommended action
400	Validation or input error	Do not retry — fix the request
403	Trial subscription exhausted	Upgrade subscription
500	Internal failure after retries	Retry with exponential backoff or contact support

Masking is deterministic. Retrying the same request does not create duplicate or inconsistent tokens.

Best practices

Validate request payloads before sending — check that mask, value, token_name, and format fields are populated
Keep masked outputs under 600 characters by splitting long inputs
Handle trial subscription exhaustion gracefully with clear user-facing messaging
Log error messages exactly as returned for support and debugging

Was this page helpful?

Last updated 3 weeks ago

Built with Documentation.AI