JSPM

n8n-nodes-redactor

1.10.0
  • Downloads 10
  • License FUCL

Redact, remove, mask and anonymize sensitive data before LLMs. Detect PII, personal information, emails, phones, addresses, IBAN, credit cards, names, SSN, passport, tax ID. Reversible vault restore. GDPR HIPAA CCPA DACH EU compliant. 50+ patterns. 100% local. Built by next8n.

Package Exports

  • n8n-nodes-redactor
  • n8n-nodes-redactor/dist/nodes/PiiRedactor/PiiRedactor.node.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (n8n-nodes-redactor) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Redactor

n8n-nodes-redactor

Stop sending your customer data to OpenAI, Claude, and Gemini unprotected.
Built, maintained, and owned by next8n



Your customer data is leaving your server right now.

Every time your n8n workflow sends a customer email, phone number, address, IBAN, or credit card to OpenAI or Claude - that data is gone. You don't control it anymore. Your customer didn't consent to it. And under GDPR, you're liable.

You know this is a problem. Your clients know it too. But rebuilding every workflow to strip PII manually? That's weeks of work nobody has time for.

This node fixes it in 2 minutes.

Drop it between your data source and your LLM node. It automatically detects and replaces 200+ types of sensitive data with safe tokens. The LLM processes the clean data. Then the node swaps the original values back in. Your customer data never leaves your server.

No cloud service. No API keys. No third-party dependency. Everything runs locally on your machine.

Book a consultation


How it works

[Your Data] --> [PII Redactor: REDACT] --> [OpenAI / Claude / Gemini] --> [PII Redactor: RESTORE] --> [Clean Output]

Before the LLM sees it:

{
  "message": "Mrs. Sarah Johnson (sarah@bigcorp.com) reported a billing issue. SSN: 987-65-4321"
}

What the LLM actually receives:

{
  "message": "[PERSON_0] ([EMAIL_1]) reported a billing issue. SSN: [SSN_2]"
}

After the LLM responds, the node restores everything automatically:

{
  "reply": "I've resolved the billing issue for Mrs. Sarah Johnson. A confirmation has been sent to sarah@bigcorp.com."
}

The LLM never saw the real data. Your customer never knew the difference.


What it detects (125+ sensitive data types across 11 categories)

Contact Information

| Type | Examples |
| --- | --- |
| Email | john@company.com, user+tag@sub.domain.co.uk |
| Phone | (555) 123-4567, +49 30 1234-5678 |
| UK Phone | 020 7946 0958, +44 7911 123456 |
| Person Names | Mr. John Smith, Dr. Anna Wilson, Frau Weber, Señor García |

Financial Data

| Type | Validation |
| --- | --- |
| Credit Cards | Luhn algorithm verified - rejects random 16-digit numbers |
| IBAN | ISO 13616 checksum verified - rejects invalid checksums |
| BIC/SWIFT | DEUTDEFF, DEUTDEFF500 |
| EU VAT Numbers | All 27 EU member states covered |
| UK Bank Accounts | Sort code + account number |

Government IDs

| Type | Coverage |
| --- | --- |
| US SSN | 123-45-6789 |
| US/EU Passports | C12345678, AB1234567 |
| UK NHS Numbers | With mod-11 checksum validation |
| German National ID | 10-character format |
| US EIN | 12-3456789 |
| US Driver License | Common format |

Network & Digital

| Type | Examples |
| --- | --- |
| IPv4 / IPv6 | 192.168.1.1, full IPv6 |
| MAC Addresses | 00:1A:2B:3C:4D:5E |
| URLs | Any http:// or https:// URL |
| Bitcoin Addresses | Legacy (1...) and Bech32 (bc1...) |
| Ethereum Addresses | 0x742d35Cc... |

Location & Dates

| Type | Examples |
| --- | --- |
| US ZIP Codes | 90210, 90210-1234 |
| UK Postcodes | SW1A 1AA, EC1A1BB |
| GPS Coordinates | 51.5074, -0.1278 |
| Dates | 15/03/1990, 2024-03-15, 15.03.1990 |
| Dates of Birth | DOB: 15/03/1990 |

Medical & Compliance

| Type | Examples |
| --- | --- |
| Medical Record Numbers | MRN: 12345678, MRN#987654 |

Government IDs (25+ countries)

| Country | Types |
| --- | --- |
| USA | SSN, ITIN, EIN, Driver License (contextual), Passport |
| Canada | SIN (Luhn validated) |
| UK | NINO, NHS (mod-11 checksum), Passport |
| Germany | Personalausweis, Steuer-ID, Sozialversicherungsnummer, Reisepass, Handelsregister (HRB) |
| Austria | Sozialversicherungsnummer (date validated) |
| Switzerland | AHV/AVS number |
| France | NIR (social security) |
| Italy | Codice Fiscale, Carta d'Identita |
| Spain | DNI, NIE, NIF |
| Netherlands | BSN (11-check validated) |
| Belgium | Rijksregisternummer |
| Poland | PESEL (checksum validated) |
| Sweden | Personnummer |
| Norway | Fodselsnummer |
| Denmark | CPR-nummer |
| Finland | Henkilotunnus (HETU) |
| Portugal | NIF (checksum validated) |
| Ireland | PPS Number |
| Australia | TFN (checksum validated), Medicare |
| New Zealand | IRD Number |
| Japan | My Number |
| South Korea | RRN |
| Singapore | NRIC/FIN |
| India | Aadhaar, PAN |
| Brazil | CPF |

Enterprise and Infrastructure

| Type | Examples |
| --- | --- |
| Internal Hostnames | server-web-01.internal, db-prod.corp.local, nas.lan |
| Windows UNC Paths | \\fileserver\shared\docs |
| LDAP Distinguished Names | CN=John,OU=Users,DC=corp,DC=local |
| Active Directory Users | CORP\jsmith |
| Private IPs (RFC 1918) | 10.0.1.50, 172.16.0.1, 192.168.1.1 |
| Database Connection Strings | JDBC, MongoDB, PostgreSQL, MySQL, Redis, MSSQL |
| API Keys | AWS (AKIA...), GCP (AIza...), Stripe, OpenAI, GitHub, Slack |
| Auth Tokens | Bearer tokens, JWT tokens |
| Cryptographic Material | PEM private keys, SSH public keys |
| Secrets in Config | password=, api_key=, secret=, token= patterns |
| Azure Keys | Storage keys, SAS tokens |
| Slack Webhooks | hooks.slack.com/services/... |

Vehicle

| Type | Examples |
| --- | --- |
| VIN | 1HGBH41JXMN109186 (17-character) |
| License Plates | German (M AB 1234), UK (AB12 CDE), French (AB-123-CD) |

Biometric and Digital Identity

| Type | Examples |
| --- | --- |
| UUID/GUID | 550e8400-e29b-41d4-a716-446655440000 |
| Social Media Handles | @username |
| IMEI | Device identifiers |
| ICCID | SIM card numbers |

Custom Business Identifiers

Add your own patterns for anything specific to your business:

| Example | Regex |
| --- | --- |
| Order IDs | ORD-\d{6} |
| SKU Codes | SKU-[A-Z0-9]{8} |
| Ticket Numbers | TICKET-\d+ |

8 Operations: When to use what

| Operation | When to use it | What it does | Example workflow |
| --- | --- | --- | --- |
| Redact | Before sending data to an LLM, API, or third-party service | Detects and replaces all sensitive data with safe tokens. Stores originals in vault for later restoration. Also includes prompt injection detection. | [Data Source] > Redact > [OpenAI] > Restore > [Output] |
| Restore | After the LLM or service has processed the tokenized data | Swaps all tokens back to original values using the vault. Your output has real data again. | Place after your LLM node, before the final output. |
| Detect | Compliance audits, data assessment, before deciding to redact | Scans all data for sensitive information and returns a full report. Does NOT modify the data. Use this to understand what PII exists. | [Data Source] > Detect > [If PII found] > Redact |
| Verify | After redaction, to confirm nothing leaked through | Re-scans redacted output to check if any PII slipped past. Returns PASS or FAIL with details of any leaks. Defense-in-depth. | [Data Source] > Redact > [LLM] > Verify > [Alert if FAIL] |
| Classify | Data governance, sensitivity labeling, routing decisions | Assigns sensitivity labels (PUBLIC / INTERNAL / CONFIDENTIAL / RESTRICTED) based on what PII categories are found. Includes escalation rules. | [Data Source] > Classify > [If RESTRICTED] > Block |
| Purge | GDPR right to erasure, cleanup, end of workflow | Deletes vault sessions from memory or disk. Ensures no PII mapping data remains after processing. Required for GDPR Article 17 compliance. | [End of workflow] > Purge |
| Stats | Debugging, monitoring, admin | Shows all active vault sessions with entry counts, creation times, TTL, and vault storage type. | Run manually to inspect vault state. |
| ROPA Report | GDPR Article 30 compliance | Generates structured Records of Processing Activities covering all 8 fields required by GDPR Art.30(1). Auto-populated from redaction results. | After Redact, generate compliance documentation. |

Recommended workflow for production:

[Data Source] > Detect (assess) > Redact (protect) > [LLM] > Verify (confirm) > Restore (recover) > [Output] > Purge (cleanup)

7 Redaction Modes

Choose the right mode for your use case:

| Mode | Output | Reversible? | Best for |
| --- | --- | --- | --- |
| Token | [EMAIL_0] | Yes | LLM workflows (recommended) |
| Mask | j***@e***.com | No | Logs, dashboards, support tickets |
| Hash | [EMAIL:a3f2b8c91d4e] | No | Analytics, deduplication |
| Redact | [REDACTED] | No | Maximum privacy, audit trails |
| Pseudonymize | sarah.miller@example.com | Yes | GDPR pseudonymization, demo data, QA environments |
| Blackout | ████████ | No | Visual censoring, document redaction, like a black marker |
| Remove | (empty string) | No | Complete deletion, no trace left, total removal |

Smart features that matter

Deduplication

When the same email appears in 5 fields, it gets the same token ([EMAIL_0]) everywhere. The LLM understands it's the same person. Relationships in your data are preserved.
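The redact/restore round trip from "How it works", together with the deduplication rule above, as an added example that is not the node's own code. `PATTERNS`, `redact`, `restore` and `demo` are hypothetical names, the two regexes stand in for the node's pattern library, and the input is constructed.

```javascript
// Added sketch of token mode; PATTERNS, redact and restore are hypothetical
// names, and the two regexes stand in for the node's pattern library.
const PATTERNS = [
  { label: "EMAIL", re: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g },
  { label: "SSN", re: /\b\d{3}-\d{2}-\d{4}\b/g },
];

// Replace matches in every string field; the vault maps token -> original.
function redact(item, vault = new Map()) {
  const issued = new Map([...vault].map(([token, value]) => [value, token]));
  const tokenFor = (label, value) => {
    if (!issued.has(value)) { // deduplication: one token per distinct value
      const token = `[${label}_${vault.size}]`;
      vault.set(token, value);
      issued.set(value, token);
    }
    return issued.get(value);
  };
  const walk = (node) => {
    if (typeof node === "string") {
      return PATTERNS.reduce(
        (text, { label, re }) => text.replace(re, (hit) => tokenFor(label, hit)),
        node,
      );
    }
    if (Array.isArray(node)) return node.map(walk);
    if (node && typeof node === "object") {
      return Object.fromEntries(Object.entries(node).map(([k, v]) => [k, walk(v)]));
    }
    return node; // numbers, booleans and null pass through unchanged
  };
  return { data: walk(item), vault };
}

// Swap issued tokens back; a token the vault never issued (for example one
// the model made up) is left as-is instead of resolving to someone's data.
function restore(text, vault) {
  return text.replace(/\[[A-Z_]+_\d+\]/g, (t) => (vault.has(t) ? vault.get(t) : t));
}

// Constructed input: the same address appears in two fields.
function demo() {
  const { data, vault } = redact({
    message: "Contact sarah@bigcorp.com about SSN 987-65-4321",
    cc: ["sarah@bigcorp.com", "ops@bigcorp.com"],
  });
  const reply = "Confirmation sent to [EMAIL_0]. No record for [EMAIL_9].";
  return { data, restored: restore(reply, vault) };
}

console.log(demo());
```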

Field Targeting

Don't want to scan internal IDs or metadata? Use allowlist or denylist mode:

  • Allowlist: Only scan user.email, *.phone, contacts[*].name
  • Denylist: Skip internalId, metadata.*, debug

Persistent Vault

Choose between an in-memory vault (fast, lost on restart) and a file-based vault (survives n8n restarts). The file vault stores mappings in ~/.n8n/pii-vault/. Sessions auto-expire based on TTL.

Session TTL

Vault sessions auto-expire after 60 minutes by default. No unbounded memory growth. Configurable per workflow.

Audit Report

Enable the second output to get a full compliance trail:

{
  "totalHits": 7,
  "hitsByCategory": { "contact": 3, "identity": 2, "financial": 2 },
  "hitsByPattern": { "EMAIL": 2, "PHONE": 1, "SSN": 1, "CREDIT_CARD": 1, "PERSON": 2 },
  "hits": [...]
}

Validation - Not Just Regex

Credit card numbers are Luhn-checked. IBANs are checksum-verified (ISO 13616). NHS numbers pass mod-11 validation. This means fewer false positives and less over-redaction that kills your LLM output quality.
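The three checks named above, written out as an added example (not the node's code) to show how a checksum turns a loose regex match into a confirmed hit. Function names are hypothetical and the sample candidates are constructed.

```javascript
// Luhn: from the right, double every second digit (minus 9 if above 9);
// the total must be divisible by 10.
function luhnValid(candidate) {
  const digits = candidate.replace(/[\s-]/g, "");
  if (!/^\d{13,19}$/.test(digits)) return false;
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) {
      d *= 2;
      if (d > 9) d -= 9;
    }
    sum += d;
  }
  return sum % 10 === 0;
}

// ISO 13616: move the first four characters to the end, map A-Z to 10-35;
// the resulting integer must leave remainder 1 when divided by 97.
function ibanValid(candidate) {
  const iban = candidate.replace(/\s/g, "").toUpperCase();
  if (!/^[A-Z]{2}\d{2}[A-Z0-9]{11,30}$/.test(iban)) return false;
  const rearranged = iban.slice(4) + iban.slice(0, 4);
  const numeric = rearranged.replace(/[A-Z]/g, (c) => String(c.charCodeAt(0) - 55));
  return BigInt(numeric) % 97n === 1n;
}

// NHS number: weights 10..2 over the first nine digits; 11 - (sum % 11) is
// the check digit, where 11 maps to 0 and 10 means the number is invalid.
function nhsValid(candidate) {
  const digits = candidate.replace(/\s/g, "");
  if (!/^\d{10}$/.test(digits)) return false;
  let sum = 0;
  for (let i = 0; i < 9; i++) sum += Number(digits[i]) * (10 - i);
  const check = (11 - (sum % 11)) % 11;
  return check !== 10 && check === Number(digits[9]);
}

// Keep only the candidates whose checksum holds.
function confirmHits(candidates) {
  const checks = { CREDIT_CARD: luhnValid, IBAN: ibanValid, NHS: nhsValid };
  return candidates.filter(({ type, value }) => checks[type](value));
}

// Constructed candidates, as a broad digit regex would hand them over.
const SAMPLE_CANDIDATES = [
  { type: "CREDIT_CARD", value: "4111 1111 1111 1111" }, // common test number
  { type: "CREDIT_CARD", value: "1234 5678 1234 5678" }, // arbitrary digits
  { type: "IBAN", value: "DE89 3704 0044 0532 0130 00" },
  { type: "IBAN", value: "DE88 3704 0044 0532 0130 00" }, // check digits altered
  { type: "NHS", value: "943 476 5919" },
  { type: "NHS", value: "943 476 5918" }, // last digit altered
];

console.log(confirmHits(SAMPLE_CANDIDATES).map((hit) => hit.value));
```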


Installation

  1. Go to Settings > Community Nodes
  2. Enter n8n-nodes-redactor
  3. Click Install
  4. Done. The "Redactor" node appears in your node palette.

Manual

cd ~/.n8n/nodes
npm install n8n-nodes-redactor
# Restart n8n

Quick Start (2 minutes)

  1. Install the node
  2. Add "Redactor" to your workflow, set operation to Redact
  3. Connect it before your OpenAI/Claude/Gemini node
  4. Add another "Redactor" after the LLM node, set operation to Restore
  5. Both nodes share the same Session ID (defaults to execution ID - works automatically)
  6. Run your workflow. Customer data stays on your server.

That's it. No configuration needed for the default case.


Who this is for

  • n8n consultants building AI workflows for clients who ask "is our data safe?"
  • Agencies delivering GDPR-compliant automation for EU clients
  • Companies processing customer support tickets, emails, or documents through LLMs
  • Healthcare organizations that need HIPAA compliance before sending data to AI
  • Anyone who lies awake thinking about what happens when customer data hits an external API

We build GDPR-compliant AI workflows. For a living.

We've delivered n8n + AI automation for clients across e-commerce, healthcare, financial services, and consulting. The GDPR question around client data hitting external APIs keeps coming up. We built this node because we needed it for real client projects.

This node exists because we solve this problem every day.

If you need help setting up PII-safe AI workflows, custom redaction rules, or end-to-end GDPR-compliant automation - we've done it before and would be happy to do it for you.


next8n.com  |  Schedule a call


Enterprise Features

7 Redaction Modes

| Mode | Output | Reversible | Best for |
| --- | --- | --- | --- |
| Token | [EMAIL_0] | Yes | LLM workflows |
| Mask | j***@e***.com | No | Logs, dashboards |
| Hash | [EMAIL:a3f2b8c91d4e] | No | Analytics |
| Redact | [REDACTED] | No | Maximum privacy |
| Pseudonymize | sarah.miller@example.com | Yes | GDPR pseudonymization, demo data, QA |
| Blackout | ████████ | No | Visual censoring, like a black marker |
| Remove | (empty string) | No | Complete deletion, no trace left |

Confidence Scoring and Threshold

Every detection gets a confidence score (0.0 to 1.0). Set a threshold to only redact high-confidence matches. Checksum-validated patterns (credit cards, IBANs) score 0.95. Broad patterns score lower. Reduces false positives by up to 50%.

Allow and Deny Lists

  • Allow List: Values to NEVER redact (company email domains, public phone numbers)
  • Deny List: Values to ALWAYS redact (project codenames, internal secrets)

Prompt Injection Detection

Scans input data for 25+ prompt injection patterns before it reaches an LLM. Detects instruction overrides, jailbreaks, delimiter escapes, encoded payloads, and zero-width character injection. Returns BLOCK/FLAG/CLEAN with a composite threat score.

Data Classification

Assigns sensitivity labels (PUBLIC / INTERNAL / CONFIDENTIAL / RESTRICTED) based on what PII categories are found. Escalation rules: 10+ CONFIDENTIAL hits escalate to RESTRICTED. Maps directly to enterprise data governance policies.

Vault Encryption (AES-256-GCM)

Encrypt vault files at rest with a passphrase. Each tenant uses a different passphrase for complete isolation. Even with filesystem access, encrypted files are unreadable without the key. scrypt key derivation resists brute-force attacks.
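What passphrase-based AES-256-GCM sealing of a token vault involves, as an added example that is not the node's implementation. The record layout, the use of Node's default scrypt cost and the names `deriveKey`, `sealVault` and `openVault` are assumptions made here.

```javascript
const nodeCrypto = require("node:crypto");

// 32-byte key for AES-256, using Node's default scrypt cost (N=16384, r=8, p=1).
function deriveKey(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32);
}

// Serialize the token -> original map and encrypt it under the passphrase.
function sealVault(vault, passphrase) {
  const salt = nodeCrypto.randomBytes(16); // fresh per file: same passphrase, different key
  const iv = nodeCrypto.randomBytes(12);   // 96-bit GCM nonce, never reused under one key
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", deriveKey(passphrase, salt), iv);
  const plaintext = JSON.stringify([...vault]);
  const data = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return {
    salt: salt.toString("base64"),
    iv: iv.toString("base64"),
    tag: cipher.getAuthTag().toString("base64"), // authenticates the ciphertext
    data: data.toString("base64"),
  };
}

// Decrypt a sealed record; throws when the passphrase is wrong or any byte
// of the ciphertext or tag was modified.
function openVault(record, passphrase) {
  const key = deriveKey(passphrase, Buffer.from(record.salt, "base64"));
  const decipher = nodeCrypto.createDecipheriv(
    "aes-256-gcm", key, Buffer.from(record.iv, "base64"));
  decipher.setAuthTag(Buffer.from(record.tag, "base64"));
  const plaintext = Buffer.concat([
    decipher.update(Buffer.from(record.data, "base64")),
    decipher.final(), // the tag is verified here
  ]);
  return new Map(JSON.parse(plaintext.toString("utf8")));
}

// Constructed vault for two tenants sharing one filesystem.
function demoVault() {
  const vault = new Map([["[EMAIL_0]", "sarah@bigcorp.com"]]);
  const record = sealVault(vault, "tenant-a passphrase");
  let otherTenantCanRead = true;
  try {
    openVault(record, "tenant-b passphrase");
  } catch (err) {
    otherTenantCanRead = false;
  }
  return { restored: openVault(record, "tenant-a passphrase"), otherTenantCanRead };
}

console.log(demoVault());
```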

Persistent Audit Log

JSONL audit log of all redaction activity. Compatible with Splunk, ELK, Datadog. Daily rotation + 100MB size limit. Compliant with GDPR Art.30, HIPAA (6-year), SOX (7-year), PCI DSS (1-year) retention requirements.

GDPR Art.30 ROPA Report

Generates structured compliance reports covering all 8 fields required by GDPR Article 30(1): controller, purposes, data subjects, personal data categories, recipients, third-country transfers, retention, and security measures. Auto-populated from redaction results.

Per-Tenant Profiles

Save and load redaction configurations per client/tenant. Each profile defines: enabled patterns, allow/deny lists, confidence threshold, redaction mode, and compliance settings. Agencies managing multiple clients can switch profiles per workflow.


Enhanced NLP Detection (Optional Presidio Integration)

For users who need NLP-level accuracy in detecting person names, locations, and organizations in free text, the node optionally integrates with Microsoft Presidio (open source, MIT license).

What it adds: Catches "Sarah Johnson" and "Goldman Sachs" in free text paragraphs that regex alone cannot detect.

Setup (one command):

docker run -d -p 5002:3000 mcr.microsoft.com/presidio-analyzer

In the node: Toggle "Enhanced NLP Detection" to ON, enter http://localhost:5002. Done.

No Presidio? No problem. The node works perfectly without it. Presidio is an optional upgrade for maximum accuracy. If the container is unreachable, the node falls back silently to regex-only detection.

For docker-compose setup and language configuration, see docs/PRESIDIO_SETUP.md.


Missing a use case? We'll build it for you.

This node covers 210+ data types across 22 privacy regulations. But every business has unique data: internal codes, proprietary identifiers, industry-specific formats.

You can add your own patterns directly in the node UI using the Custom Patterns section. Define any regex, give it a label, and the engine will detect and redact it alongside the built-in patterns.

If there is a specific use case that is not covered here and you want us to cover it so that everyone can benefit from it, or if you want a customized implementation built on top of this node, reach out to us and we will be happy to enhance it accordingly.

Request a feature


Also by next8n

n8n-nodes-xentral

n8n-nodes-xentral - The most comprehensive n8n community node for Xentral ERP. 30 resources, 163 operations, 58 webhook events. Full API audit verified. If you're automating Xentral workflows, this is the node you need.


License

Fair Use Code License (FUCL)

Copyright (c) 2026 Mirza Iqbal / next8n. All rights reserved.

This node is published as an n8n community node for the benefit of the n8n ecosystem and the teams building AI workflows that need to handle customer data responsibly. However, the intellectual property, source code, and all associated rights are owned exclusively by the copyright holder.

Permitted:

  • Install and use this node for your own internal workflows and business automation

Prohibited without explicit written consent:

  • Copying, forking, or reproducing the source code in any form
  • Commercial redistribution, resale, sublicensing, or white-labeling
  • Creating derivative works or competing products based on this code
  • Public redistribution of modified or unmodified versions
  • Using the Software as part of a commercial service offering
  • Removing or altering copyright notices or attribution

Attribution: This node was developed and is actively maintained by next8n. Attribution must be preserved in all copies.

This software is provided "as is", without warranty of any kind, express or implied.

We built it. We maintain it. We own the rights to the code.

Legal notice: This is an original, independently authored work. The entire source code is the intellectual property of the copyright holder. No third-party proprietary code is included. All PII detection runs locally using pattern matching and validation algorithms authored by next8n.

Interested in collaborating or contributing? We're open to partnerships. Let's talk.

For commercial licensing, partnership, or custom development: services.next8n.com