Is OpenRedaction free?

Yes, the OpenRedaction library is free and open-source. Use it locally or self-host with no fees. Enterprise support and custom deployments are available via contact.

What is the difference between regex mode and AI mode?

OpenRedaction uses 500+ tested regex patterns for fast, deterministic PII detection. It works completely offline and is free. You run it in your own environment via the npm library.

Does OpenRedaction store my data?

When you use the open-source library, your data never leaves your environment. We do not operate a hosted service that processes or stores your text. Processing runs in your process only.

How do I get enterprise support?

OpenRedaction is open source and self-hostable. For enterprise support, custom deployments, or SLAs, contact us via the Enterprise page or contact form.

Open-source PII redaction for Node.js

Redact PII in Node.js before it leaves your app.

Run it locally. No API calls. No data leaves your system.

Need PII redaction?

Compare open source AI redaction tools.

Before OpenAI calls, see redact pii before openai.

View on GitHub Get Started

InputOutput

support note: customer said email me at john@email.com before 5, card ends 4242

support note: customer said email me at [REDACTED] before 5, card ends [REDACTED]

Emails, phones, cards

Built-in redaction for common sensitive fields.

500+ patterns

Large default pattern set out of the box.

Custom patterns

Add project-specific rules when needed.

Runs locally

No API calls. No external processing.

Deterministic

Same input, same output every time.

Fast inline use

Light enough for request-time redaction.

Safe for logs and prompts

Clean text before it spreads downstream.

Lightweight

No external dependencies to pull in.

Before / after

import { redact } from "openredaction";

const input = "helpdesk reply: reach me at alice@company.com, mobile 555-123-4567";
const { redactedText } = redact(input);

console.log(redactedText);
// helpdesk reply: reach me at [REDACTED], mobile [REDACTED]

Quick usage

Install it, import it, and redact before you send anything to an API.

npm install openredaction

import { redact } from "openredaction";

const text = "ticket: user said call me on 555-0199 after lunch";
const { redactedText } = redact(text);

console.log(redactedText);

“We added it in front of our prototype assistant so support emails get masked before prompts go out.”

Jordan P.

Small product team

“Not perfect for every edge case, but it gives us a practical baseline for sanitizing logs in Node.”

Maya R.

Indie SaaS

“We use it in staging and early production paths to reduce accidental PII leakage while we tune rules.”

Chris L.

Internal tooling

“The open-source approach made it easy to audit what is being redacted before we ship wider.”

Nina K.

Security-minded startup

“We added it in front of our prototype assistant so support emails get masked before prompts go out.”

Jordan P.

Small product team

“Not perfect for every edge case, but it gives us a practical baseline for sanitizing logs in Node.”

Maya R.

Indie SaaS

“We use it in staging and early production paths to reduce accidental PII leakage while we tune rules.”

Chris L.

Internal tooling

“The open-source approach made it easy to audit what is being redacted before we ship wider.”

Nina K.

Security-minded startup

Use case: prevent leaking PII to AI APIs

Redact data before sending it to AI APIs.

Keep pasted emails, callback numbers, card details, and account references out of prompts and logs.

Input

customer pasted: jane.doe@company.com, call back on 555-219-0081 before 4

Output

customer pasted: [REDACTED], call back on [REDACTED] before 4

Coming soon

Working on simple wrappers for common use cases:

OpenAI

OpenAI wrapper

Redact sensitive data from prompts before sending requests to OpenAI. Prevent emails, names, and other PII from leaving your application while keeping the same API usage pattern.

Express.js

Express middleware

Sanitise incoming request data automatically before it reaches your application logic. Helps prevent sensitive user information from being logged, stored, or forwarded.

Logging

Logging integrations

Redact sensitive fields before writing logs to tools like Pino or Winston. Avoid storing emails, phone numbers, and personal data while keeping logs.

Webhook

Webhook safety

Redact data before sending outbound requests to third-party like Slack or Zapier.

“OpenRedaction gave us a practical, inspectable first layer for masking obvious PII before prompts and logs.”

Samir Q.

Maintainer, internal AI tooling

Alternatives

OpenRedaction alongside AWS, Presidio, and Google DLP

A simple Node.js option if you want local redaction, plus common managed and Python-based alternatives.

Tool	Type	Runtime	Processing	Detection	Best fit
OpenRedaction	Open source	Node.js	Local or self-hosted	Deterministic regex	Teams wanting predictable redaction in JS stacks
AWS Comprehend	Managed	Managed AWS service	External cloud processing	ML-based entity detection	AWS-native pipelines
Microsoft Presidio	Open source	Python	Self-hosted	NLP + regex	Python teams with custom NLP needs
Google DLP	Managed	Managed GCP service	External cloud processing	ML + infoTypes	GCP-centric compliance workflows

Get started

Use it locally in your app.

Install it, drop it into your request path, and clean prompts, logs, or stored text before it leaves your system.

npm install openredaction

View on GitHub Install