# piiMiddleware

> **Function** in `langchain`

📖 [View in docs](https://reference.langchain.com/javascript/langchain/index/piiMiddleware)

Creates a middleware that detects and handles personally identifiable information (PII)
in conversations.

This middleware detects common PII types and applies configurable strategies to handle them.
It can detect emails, credit cards, IP addresses, MAC addresses, and URLs in both user input
and agent output.

Built-in PII types:
- `email`: Email addresses
- `credit_card`: Credit card numbers (validated with Luhn algorithm)
- `ip`: IP addresses (validated)
- `mac_address`: MAC addresses
- `url`: URLs (both `http`/`https` and bare URLs)

Strategies:
- `block`: Raise an exception when PII is detected
- `redact`: Replace PII with `[REDACTED_TYPE]` placeholders
- `mask`: Partially mask PII (e.g., `****-****-****-1234` for credit card)
- `hash`: Replace PII with deterministic hash (e.g., `<email_hash:a1b2c3d4>`)

Strategy Selection Guide:
| Strategy | Preserves Identity? | Best For                                |
| -------- | ------------------- | --------------------------------------- |
| `block`  | N/A                 | Avoid PII completely                    |
| `redact` | No                  | General compliance, log sanitization    |
| `mask`   | No                  | Human readability, customer service UIs |
| `hash`   | Yes (pseudonymous)  | Analytics, debugging                    |

## Signature

```javascript
piiMiddleware(piiType: string, options: __type = {}): AgentMiddleware<undefined, ZodObject<__type, "strip", ZodTypeAny, __type, __type>, __type, readonly ClientTool | ServerTool[], readonly []>
```

## Parameters

| Name | Type | Required | Description |
|------|------|----------|-------------|
| `piiType` | `string` | Yes | Type of PII to detect. Can be a built-in type (`email`, `credit_card`, `ip`, `mac_address`, `url`) or a custom type name. |
| `options` | `__type` | No | Configuration options (default: `{}`) |

## Returns

`AgentMiddleware<undefined, ZodObject<__type, "strip", ZodTypeAny, __type, __type>, __type, readonly ClientTool | ServerTool[], readonly []>`

Middleware instance for use with `createAgent`

## Examples

### Example 1

```typescript
import { piiMiddleware } from "langchain";
import { createAgent } from "langchain";

// Redact all emails in user input
const agent = createAgent({
  model: "openai:gpt-4",
  middleware: [
    piiMiddleware("email", { strategy: "redact" }),
  ],
});
```

### Example 2

```typescript
const agent = createAgent({
  model: "openai:gpt-4o",
  middleware: [
    piiMiddleware("credit_card", { strategy: "mask" }),
    piiMiddleware("url", { strategy: "redact" }),
    piiMiddleware("ip", { strategy: "hash" }),
  ],
});
```

### Example 3

```typescript
const agent = createAgent({
  model: "openai:gpt-4",
  middleware: [
    piiMiddleware("api_key", {
      detector: "sk-[a-zA-Z0-9]{32}",
      strategy: "block",
    }),
  ],
});
```

---

[View source on GitHub](https://github.com/langchain-ai/langchainjs/blob/6d212ef91affd19b71dac22fd3761287a96108bf/libs/langchain/src/agents/middleware/pii.ts#L546)