# Core API Quickstart
This guide will help you make your first API call to Skyflow. By the end of this guide, you’ll have used the Skyflow API to insert and retrieve sensitive data from a vault.
## Prerequisites
For this guide, you need a Skyflow account. If you don’t have an account, you can [sign up for a free trial account](https://www.skyflow.com/contact-sales).
* For trial accounts, log in to try.skyflow.com.
* For production accounts, log in to your dedicated sign in URL.
## Overview
This guide will show you how to insert and retrieve data from a Skyflow vault in four steps:
1. Setting up a vault
2. Getting authenticated
3. Inserting data
4. Retrieving data
In this tutorial, we’ll use the **Quickstart vault**, which is accessible from any Skyflow account (see Step 1 below for more details). You can follow along with your own vault as well, but keep in mind that the example code may differ slightly from what you would use.
## Setting Up a Vault
The Quickstart vault is a simple vault designed to help you get started with Skyflow’s API. If you have a trial account, you’ll see that a Quickstart vault has been created for you automatically.
If you don’t see the Quickstart vault, you can create one from the Vault Dashboard by clicking **Create Vault > Start With A Template > Quickstart > Create** as shown below:
The Quickstart vault comes with a simple schema and some data already loaded for your convenience. In this tutorial, we will be using the **credit_cards** table.
## Getting Authenticated
To use the API, you need an API bearer token to authenticate your requests.
If you’re using a trial account, you can generate an API bearer token by clicking **your name icon in the top right > Generate API Bearer Token > Generate Token > Copy icon** as shown below. This token is valid for 24 hours. You can always return to this menu to generate another bearer token.
**Important**: This feature is offered for convenience purposes in trial accounts only. If you’re using a production account, read our tutorial on [API Authentication](/api-authentication) for instructions on how to obtain a bearer token.
## Using Postman Collections
In the remaining steps, you’ll make API calls to read from and write to your vault. You can use whichever API client is most convenient for you, though we recommend using [Postman](https://www.postman.com/) to get started quickly. If you don’t plan on using Postman, you can skip this step.
Skyflow can automatically generate a Postman Collection specific to your vault. To use it, go to the Vault Browser menu and click **Postman Collection** as shown below.
A JSON file will download to your machine. In Postman, you’ll import this file as a collection by doing the following:
1. Go to the Workspaces tab and click **Import**.
2. Click **Upload Files** or drag and drop the json file into the field.
3. Click **Import**.
Once imported, the collection will be added with the name of your vault (in the example, “QuickstartVault48748”). Click this collection and click the Variables tab. Then paste the API bearer token from the previous step into the “bearerToken” Current Value column as shown below.
**Important**: You must click **Save** in Postman after pasting in the bearerToken. You may have to close the right-hand area before the Save button is visible.
Let's start making API calls!
## Inserting Data into the Vault
To start, we’ll insert some fake data into the vault using the Insert Record API. The guide below explains how to do this using the Postman Collection or with a manual cURL request.
<Tabs>
<Tab label="Postman">
<InsertRecordPostman />
</Tab>
<Tab label="cURL">
<InsertRecordCurl />
</Tab>
</Tabs>
## Reading Data from the Vault
To read data from the vault, use the Get Record API in Postman, or enter a manual cURL request.
<Tabs>
<Tab label="Postman">
<ReadDataPostman />
</Tab>
<Tab label="cURL">
<ReadDataCurl />
</Tab>
</Tabs>
### Dynamic Data Redaction
Skyflow applies dynamic data redaction whenever data is retrieved from a vault. Data can be returned in one of the following redaction formats:
| Redaction Type | Description | Example |
| ------------------- | ----------- | ------- |
| REDACTED | The value will be fully redacted in the response. | “John Doe” → “*REDACTED*” |
| MASKED | The value will be partially redacted (masked) in the response. The masking format for a given data field is configured in the vault schema. | “4111111111111111” → “************1111 |
| PLAIN_TEXT | The value will be returned in plain text in the response. | “11/25” → “11/25” |
| DEFAULT | The value will be redacted using the default redaction format defined in the vault schema. Fields may have different default redaction formats. |
To redact the data, use the Get Record API in Postman, or enter a manual cURL request.
<Tabs>
<Tab label="Postman">
<RedactionPostman />
</Tab>
<Tab label="cURL">
<RedactionCurl />
</Tab>
</Tabs>
Go ahead and send the request! You should get back a response that looks similar to the one below:
```json
{
"fields": {
"card_number": "XXXXXXXXXXXX1111",
"cardholder_name": "*REDACTED*",
"expiry_date": "11/25"
"skyflow_id": "df38cdf0-701f-43b5-b954-4dbe9873b0f0"
}
}
```
Notice, the **card_number** field is masked such that only the last 4 digits are visible, the **cardholder_name** field is fully redacted, and the **expiry_date** is returned in plain text. These defaults are configured in the vault schema. You can learn more about this in the [Creating a Custom Vault](/creating-a-custom-vault) guide.
Try sending the same request but this time, specify **?redaction=PLAIN_TEXT**. You’ll get back a response like the following:
```json
{
"fields": {
"card_number": "411111111111",
"cardholder_name": "John Doe",
"expiry_date": "11/25"
"skyflow_id": "df38cdf0-701f-43b5-b954-4dbe9873b0f0"
}
}
```
**Important**: This only works if you have permission to read the data in plain text. As the vault owner, you have plain text access by default. To learn more about data governance and how you can configure access control policies, see the [Data Governance Overview](/data-governance-overview) article.
## Next Steps
Congratulations! You’re ready to start storing sensitive data in a secure vault!
As next steps, check out the other [Data APIs](/apireference) or one of the articles below:
* [Creating a Custom Vault](/creating-a-custom-vault)
* [Tokenization Overview](/tokenization-overview)
* [Data Governance Overview](/data-governance-overview)
Google Drive
Gist
Clipboard
Sign in with Wallet
