UUID Protection Endpoint
METHOD: POST
ENDPOINT: https://dev.qupass.in/api/uuid
Description
The UUID endpoint enables the protection and unprotection of universally unique identifiers while transforming their original hexadecimal representation into a numeric-only character domain.
The returned token consists exclusively of decimal digits (0–9), ensuring compatibility with systems that operate on numeric-only representations, while allowing for an expanded length to accommodate secure, high-entropy token generation.
By converting from the original hexadecimal encoding space (0–9, a–f) to the decimal digit domain, the endpoint ensures that protected values remain syntactically valid within numeric processing environments, even though the original UUID structure (e.g., hyphen-separated segments such as “xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx”) and fixed-length constraints are not retained.
This approach enables strong protection guarantees through domain transformation, while supporting storage, indexing, and processing workflows that rely on numeric-only data representations.
Examples
- Input:
550e8400-e29b-41d4-a716-446655440000(HexaDecimal)- QuFold_Token:
Euqy1LlDUjlwma7t1VNuRxTxXVXBsr0njETtb6awSLO9K4gDVj90eS9PA3fnNBynwpqhWhj- ✅ Character set preserved (Alpha Numeric block)
- ✅ Encoding compatibility is maintained
- QuFold_Token:
Request Payload
HEADER PARAMETERS
- x-api-key
(required)Provides access to one or more functions in the API Playground. - Authorization
(required)The JWT token issued upon successful authentication. - qu-token
(required)QU token that you revceive at the time of login.
- x-api-key
PAYLOAD DETAILS
- id
(required)Integer identifier for the request. - operation
(required)Specifies the protection operation. Available:[protect | unprotect]. - data
(required)Array of values to be transformed. - options:
- method - Transformation method; Available:
[tokenise | fpe | mask | redact | passthrough].- Defaults to
tokenise
- Defaults to
- scope - User-defined context string; differentiates tokens across applications or datasets. (e.g.,
app1,azure+app1).- Defaults to
no-scope
- Defaults to
- noise - Adds controlled randomness.
- Defaults to
0, ensures deterministic tokenization within scope Non-zerovalues produce possibledistinct tokensfor the repeated inputs
- Defaults to
- method - Transformation method; Available:
- id
Sample Request
curl --location 'https://dev.qupass.in/api/uuid' \
--header 'x-api-key: <API_Key>' \
--header 'Authorization: <JWT_TOKEN>' \
--header 'qu-token: <QU_TOKEN>' \
--header 'Content-Type: application/json' \
--data '{
"id": 1,
"operation": "protect",
"data": [
"550e8400-e29b-41d4-a716-446655440000",
"123e4567-e89b-12d3-a456-426614174000",
"9a7b330a-2c4b-4f3d-9f8b-7c9e9d8a1234"
],
"options": {
"method": "tokenise",
"scope": "App1"
}
}'
package main
import (
"io"
"fmt"
"strings"
"net/http"
)
func main() {
API_Key := "<API_Key>"
JWT_Token := "<JWT_TOKEN>"
QU_Token := "<QU_TOKEN>"
url := "https://dev.qupass.in/api/uuid"
data := strings.NewReader(`{
"id":1,
"operation": "protect",
"data": [
"550e8400-e29b-41d4-a716-446655440000",
"123e4567-e89b-12d3-a456-426614174000",
"9a7b330a-2c4b-4f3d-9f8b-7c9e9d8a1234"
],
"options": {
"method": "tokenise",
"scope": "App1"
}
}`)
req, err := http.NewRequest("POST", url, data)
if err != nil {
fmt.Println(err)
return
}
req.Header.Set("x-api-key", API_Key)
req.Header.Set("Authorization", JWT_Token)
req.Header.Set("qu-token", QU_Token)
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.io.OutputStream;
import java.io.InputStreamReader;
import java.io.BufferedReader;
import java.nio.charset.StandardCharsets;
public class APIRequest {
public static void main(String[] args) {
try {
String API_Key = "<API_Key>";
String JWT_Token = "<JWT_TOKEN>";
String QU_Token = "<QU_TOKEN>";
URI uri = new URI("https://dev.qupass.in/api/uuid");
String data = "{"
+ "\"id\": 1,"
+ "\"operation\": \"protect\","
+ "\"data\": ["
+ "\"550e8400-e29b-41d4-a716-446655440000\","
+ "\"123e4567-e89b-12d3-a456-426614174000\","
+ "\"9a7b330a-2c4b-4f3d-9f8b-7c9e9d8a1234\""
+ "],"
+ "\"options\": {"
+ "\"method\": \"tokenise\","
+ "\"scope\": \"App1\""
+ "}"
+ "}";
URL url = uri.toURL();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("x-api-key", API_Key);
conn.setRequestProperty("Authorization", JWT_Token);
conn.setRequestProperty("qu-token", QU_Token);
conn.setRequestProperty("Content-Type", "application/json");
conn.setDoOutput(true);
// Send request body
try (OutputStream os = conn.getOutputStream()) {
byte[] input = data.getBytes(StandardCharsets.UTF_8);
os.write(input, 0, input.length);
}
int statusCode = conn.getResponseCode();
BufferedReader br;
if (statusCode >= 200 && statusCode < 300) {
br = new BufferedReader(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8));
} else {
br = new BufferedReader(new InputStreamReader(conn.getErrorStream(), StandardCharsets.UTF_8));
}
StringBuilder response = new StringBuilder();
String line;
while ((line = br.readLine()) != null) {
response.append(line.trim());
}
System.out.println(response.toString());
} catch (Exception e) {
e.printStackTrace();
}
}
}
const API_Key = "<API_Key>";
const JWT_Token = "<JWT_TOKEN>";
const QU_Token = "<QU_TOKEN>";
const url = "https://dev.qupass.in/api/uuid";
const data = {
id: 1,
operation: "protect",
data: [
"550e8400-e29b-41d4-a716-446655440000",
"123e4567-e89b-12d3-a456-426614174000",
"9a7b330a-2c4b-4f3d-9f8b-7c9e9d8a1234"
],
options: {
method: "tokenise",
scope: "App1"
}
};
fetch(url, {
method: "POST",
headers: {
"x-api-key": API_Key,
"Authorization": JWT_Token,
"qu-token": QU_Token,
"Content-Type": "application/json"
},
body: JSON.stringify(data)
})
.then(async (response) => {
const text = await response.text(); // raw response like Python's response.text
if (!response.ok) {
throw new Error(`HTTP ${response.status}: ${text}`);
}
console.log(text);
})
.catch((error) => {
console.error("Error:", error.message);
});
<?php
$API_Key = "<API_Key>";
$JWT_Token = "<JWT_TOKEN>";
$QU_Token = "<QU_TOKEN>";
$url = "https://dev.qupass.in/api/uuid";
$headers = [
"x-api-key: $API_Key",
"Authorization: $JWT_Token",
"qu-token: $QU_Token",
"Content-Type: application/json"
];
$data = [
"id" => 1,
"operation" => "protect",
"data" => [
"550e8400-e29b-41d4-a716-446655440000",
"123e4567-e89b-12d3-a456-426614174000",
"9a7b330a-2c4b-4f3d-9f8b-7c9e9d8a1234"
],
"options" => [
"method" => "tokenise",
"scope" => "App1"
]
];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
$response = curl_exec($ch);
if (curl_errno($ch)) {
echo 'Error:' . curl_error($ch);
} else {
echo $response;
}
curl_close($ch);
?>
import requests
import json
API_Key = "<API_Key>"
JWT_Token = "<JWT_TOKEN>"
QU_Token = "<QU_TOKEN>"
url = 'https://dev.qupass.in/api/uuid'
headers = {
'x-api-key': API_Key,
'Authorization': JWT_Token,
'qu-token': QU_Token,
'Content-Type': 'application/json'
}
data = {
"id": 1,
"operation": "protect",
"data": [
"550e8400-e29b-41d4-a716-446655440000",
"123e4567-e89b-12d3-a456-426614174000",
"9a7b330a-2c4b-4f3d-9f8b-7c9e9d8a1234"
],
"options": {
"method": "tokenise",
"scope": "App1"
}
}
response = requests.post(url, headers=headers, data=json.dumps(data))
print(response.text)
Sample Data Payload and Output
PROTECTION SCENARIOS:
| Input | Output |
|---|---|
| |
UNPROTECTION SCENARIOS:
| Input | Output |
|---|---|
| |
| |
| |