Portal
Manage API keys, providers, and tenant settings through the Noirdoc Portal.
Overview
The Noirdoc Portal is the management interface for managed/cloud deployments. Through the portal at portal.noirdoc.de, you can manage API keys, configure LLM providers, and adjust tenant settings.
The portal is available in Noirdoc’s managed service. For self-hosted deployments, settings are configured via environment variables. See Configuration Reference.
API keys
Create and manage proxy API keys (px-*) through the portal. Each key is scoped to your tenant and inherits the tenant’s provider configuration and pseudonymization settings.
Key lifecycle:
- Creation — The full key value is shown only once at creation. Store it securely immediately.
- Labeling — Assign a human-readable label to each key (e.g.,
production,staging,dev-team). - Deactivation — Delete a key to deactivate it. Deactivated keys can no longer authenticate proxy requests.
- Reactivation — Previously deactivated keys can be reactivated if needed.
You can also manage keys programmatically via the Portal API.
Providers
Configure LLM provider connections through the portal. For each provider, you supply your API key and any required connection settings. Noirdoc uses these credentials when forwarding pseudonymized requests to the provider.
Supported providers:
| Provider | Required fields | Optional fields |
|---|---|---|
| OpenAI | api_key | — |
| Anthropic | api_key | — |
| Azure OpenAI | api_key | base_url, api_version |
| OpenRouter | api_key | base_url |
Provider keys are encrypted at rest and never exposed to your application code. Your application only ever uses px-* proxy keys.
Settings reference
The following table lists all available tenant settings:
| Setting | Type | Default | Description |
|---|---|---|---|
mapping_ttl_days | number | 30 | Days pseudonym mappings are retained. 0 disables persistence. |
pseudonym_label | string | <<TYPE_N>> | Template for pseudonym tokens. Supports {type} and {n} variables. |
allow_file_content | boolean | false | Master switch for file content processing. |
file_analysis_mode | enum | pseudonymize | How files are handled: passthrough, detect_only, block, or pseudonymize. |
file_max_size_mb | number | 10 | Maximum file upload size in MB. |
file_ocr_enabled | boolean | true | Enable OCR for images and scanned PDFs. |
Detailed setting descriptions
mapping_ttl_days
Controls how long the bidirectional mapping between real values and pseudonyms is stored.
- Default: 30 — mappings persist for 30 days after last access.
- Higher values (e.g., 90, 365) — useful when conversations about the same entities span weeks or months, ensuring consistent pseudonyms.
- Lower values (e.g., 7) — reduces stored mapping data for high-volume tenants.
- Zero (0) — disables mapping persistence entirely. Mappings exist only for the lifetime of a single request.
When TTL is set to 0, the same person mentioned in two separate API calls may receive different pseudonyms (<<PERSON_1>> in the first call, <<PERSON_3>> in the next). Within a single call, consistency is always maintained.
pseudonym_label
Defines the format of pseudonym tokens inserted into text. The default format <<TYPE_N>> produces tokens like <<PERSON_1>> or <<EMAIL_2>>.
Template variables:
{type}— replaced with the entity type (e.g.,PERSON,EMAIL,IBAN).{n}— replaced with the sequential index.
Choose a format unlikely to appear in natural text and that your model handles well. The default double-angle-bracket format works reliably with most models.
File settings
- allow_file_content — Boolean master switch. When
false(default), files are never analyzed regardless of other settings. Set totrueto enable the file processing pipeline. - file_analysis_mode — Determines processing behavior:
passthrough(no analysis),detect_only(scan and log),block(reject if PII found), orpseudonymize(replace PII in files). - file_max_size_mb — Upper limit for uploads. Default is 10 MB.
- file_ocr_enabled — When
true(default), OCR is applied to images and scanned PDFs. Disabling reduces latency but skips PII in non-digital text.
For detailed file handling behavior, see File Handling.
Custom pseudonym labels
The default format <<TYPE_N>> can be customized using the pseudonym_label setting. Template variables {type} and {n} are substituted at runtime.
| Template | Output |
|---|---|
<<{type}_{n}>> (default) | <<PERSON_1>> |
[REDACTED_{type}_{n}] | [REDACTED_PERSON_1] |
{{{type}_{n}}} | {PERSON_1} |
Recommended configurations
Standard privacy (default)
Suitable for most use cases. Text is pseudonymized, files are not processed.
{
"mapping_ttl_days": 30,
"pseudonym_label": "<<{type}_{n}>>",
"allow_file_content": false
}Document-heavy workflows
For applications that regularly process PDFs, contracts, or reports containing personal data.
{
"mapping_ttl_days": 90,
"allow_file_content": true,
"file_analysis_mode": "pseudonymize",
"file_max_size_mb": 25,
"file_ocr_enabled": true
}Maximum privacy
For environments requiring the strictest data handling — no mapping persistence, files with PII are blocked.
{
"mapping_ttl_days": 0,
"allow_file_content": true,
"file_analysis_mode": "block",
"file_ocr_enabled": true
}Updating settings
Via the portal UI
Sign in to portal.noirdoc.de, navigate to your tenant settings, and update values through the web interface. Changes take effect immediately for all subsequent API requests.
Via the Portal API
Settings can also be updated programmatically. See Portal API for the PATCH /portal/settings endpoint.