> ## Documentation Index
> Fetch the complete documentation index at: https://docs.rehydra.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Recognizers

> How Rehydra detects sensitive values across built-in, NER, and custom sources

Recognizers are the detection building blocks in Rehydra. They decide which spans count as sensitive before placeholders are generated.

## Four Recognizer Sources

### Built-in Regex Recognizers

These cover structured values with stable formats, such as emails, phone numbers, dates, IBANs, URLs, and credit card numbers.

They are fast, local, and usually the default foundation of a Rehydra setup.

### NER-Based Detection

The optional NER model handles contextual entities that are hard to capture with regex alone, especially:

* `PERSON`
* `ORG`
* `LOCATION`
* `ADDRESS`
* `DATE_OF_BIRTH`

This layer is useful when privacy depends on names and other meaning-dependent entities, not just formatted identifiers.

### Secrets Recognizers

The opt-in secrets recognizers detect credentials and keys such as API keys, private keys, JWTs, database connection strings, AWS credentials, and secrets embedded in `.env` files or config files.

They are enabled by setting `secrets: { enabled: true }` in `createAnonymizer()`.

### Custom Recognizers

Custom recognizers let you add business-specific patterns like order IDs, support tickets, claim numbers, or internal account references.

They are the right tool when your domain has sensitive identifiers the built-in recognizers do not know about.

## How Recognizers Work Together

Rehydra can combine multiple sources in one pass:

* Regex recognizers detect structured values
* NER detects contextual values if enabled
* Secrets recognizers detect credentials and keys if enabled
* Custom recognizers add product- or company-specific coverage
* Overlapping matches are resolved by policy rules

## Registry and Extensibility

The SDK exposes a recognizer registry so you can register or remove recognizers and even supply a custom registry to `createAnonymizer()`.

```typescript theme={null}
const registry = anonymizer.getRegistry();
registry.register(myRecognizer);
```

## Choosing the Right Recognizer Strategy

Use built-in regex recognizers when:

* Formats are predictable
* You want fast local detection
* You do not need model downloads

Use NER when:

* You need names, organizations, or locations
* Context matters more than fixed format

Use secrets recognizers when:

* Your text may contain API keys, tokens, or database credentials
* You process `.env` files or config files with embedded secrets
* You want to prevent credential leaks to LLMs or external services

Use custom recognizers when:

* You need to protect internal identifiers
* Your domain uses proprietary patterns
* You want narrow, high-precision rules for business data

## Next Steps

<CardGroup cols={3}>
  <Card title="PII Types" icon="shield" href="/concepts/pii-types">
    See the categories recognizers map into.
  </Card>

  <Card title="Secrets Detection" icon="key" href="/guides/secrets-detection">
    Enable detection for credentials and keys.
  </Card>

  <Card title="Custom Recognizers" icon="code" href="/guides/custom-recognizers">
    Implement your own recognizers and registry setup.
  </Card>
</CardGroup>
