A2A Personally Identifiable Information (PII) Detector Policy

Policy Name

A2A PII Detector Policy

Summary

Detects personally identifiable information (PII) in requests sent to the agent

Category

A2A

First Flex Gateway version available

v1.9.3

Returned Status Codes

Summary

The A2A PII Detector policy detects personally identifiable information (PII) in requests sent to the agent. If PII is detected, you can either log or block the request. A policy violation is always reported if PII is detected.

Configuring Policy Parameters

Flex Gateway Local Mode

The A2A PII Detector policy isn’t supported in Local Mode.

Managed Flex Gateway and Flex Gateway Connected Mode

When you apply the policy to your API instance from the UI, the following parameters are displayed:

Element Description

Element	Description
Entities	Array that defines the types of PII to detect. You can select multiple PII types. Supported values are `Email`, `US SSN`, `Credit Card`, `Phone Number`. For more information, see PII Types.
Action	Action to take when PII is detected. Supported values are `Log` or `Block`.

Entities

Array that defines the types of PII to detect. You can select multiple PII types. Supported values are Email, US SSN, Credit Card, Phone Number.
For more information, see PII Types.

Action

Action to take when PII is detected. Supported values are Log or Block.

PII Types

When you configure an A2A PII Detector policy, you can choose which types of PII to detect.

The following table describes the type of PII this policy can detect:

PII Type Description

PII Type	Description
Email	Standard email addresses such as `User.Name+tag@example.com`
US SSN	United States Social Security Numbers (SSNs) in the standard format: `XXX-XX-XXXX` where each `X` is a digit. For example: `123-45-6789`.
Credit Card	Credit card numbers in the form of four groups of four digits, separated by optional spaces or hyphens. Examples: `1234-5678-9012-3456`, `1234 5678 9012 3456`, or `1234567890123456`.
Phone Number	United States phone numbers in various formats, with or without country code, parentheses, spaces, hyphens, or dots. Examples: `123-456-7890`, `(123) 456-7890`, `123.456.7890`, `+1 123 456 7890`, or `1234567890`.

Standard email addresses such as User.Name+tag@example.com

US SSN

United States Social Security Numbers (SSNs) in the standard format: XXX-XX-XXXX where each X is a digit. For example: 123-45-6789.

Credit Card

Credit card numbers in the form of four groups of four digits, separated by optional spaces or hyphens. Examples: 1234-5678-9012-3456, 1234 5678 9012 3456, or 1234567890123456.

Phone Number

United States phone numbers in various formats, with or without country code, parentheses, spaces, hyphens, or dots. Examples: 123-456-7890, (123) 456-7890, 123.456.7890, +1 123 456 7890, or 1234567890.