Skip to main content
The Rehydra CLI lets you anonymize files and piped text directly from the terminal — no code required.

Installation

The CLI is published as a separate lightweight package: 
npm install -g @rehydra/cli
Or run directly without installing globally: 
npx @rehydra/cli anonymize input.txt
The CLI requires Node.js 18+ and depends on the rehydra SDK package (installed automatically).

Commands

anonymize

Detect and replace PII in a file or stdin. 
# Anonymize a file
rehydra anonymize input.txt -o output.txt

# Pipe from stdin
echo "Contact john@example.com" | rehydra anonymize

# With NER (detects names, orgs, locations)
rehydra anonymize input.txt --ner quantized

# JSON output
rehydra anonymize input.txt -f json

# Only detect specific types
rehydra anonymize input.txt --types EMAIL,PHONE,IBAN

# Irreversible mode (no PII map saved)
rehydra anonymize input.txt --mode anonymize
By default, the anonymize command:
  • Uses regex-only detection (no NER)
  • Runs in pseudonymize mode (saves an encrypted PII map for later rehydration)
  • Writes the PII map to .rehydra-pii-map.json
  • Generates a random encryption key and stores it in the PII map file

rehydrate

Restore original PII values from anonymized text using the saved PII map. 
# Rehydrate using the default PII map file
rehydra rehydrate anonymized.txt

# Specify a PII map file
rehydra rehydrate anonymized.txt --pii-map my-pii-map.json

# Use an explicit key (if not stored in the PII map file)
rehydra rehydrate anonymized.txt --key <base64-key>
The encryption key is resolved in order: --key flag, REHYDRA_KEY environment variable, then the key embedded in the PII map file.

inspect

Dry-run that shows detected PII highlighted in context without anonymizing. Useful for previewing what will be detected. 
# Inspect a file
rehydra inspect input.txt

# With NER
rehydra inspect input.txt --ner quantized
Output shows the original text with PII highlighted and labeled by type using color coding.

proxy

Start a local HTTP proxy that anonymizes PII in requests to LLM APIs and rehydrates PII in responses. 
# Start proxy for Anthropic (Claude Code, Cursor, etc.)
rehydra proxy anthropic

# Start proxy for OpenAI
rehydra proxy openai

# "claude" is an alias for "anthropic"
rehydra proxy claude

# Custom port
rehydra proxy anthropic -p 9000

# Inject an API key (bridges OAuth clients to API key auth)
rehydra proxy anthropic --api-key sk-ant-...

# Or set the key via environment variable
export LLM_API_KEY=sk-ant-...
rehydra proxy anthropic
Supported providers: openai, anthropic, claude (alias for anthropic)

How It Works

  1. The proxy starts immediately with regex-only detection so there’s no startup delay
  2. In the background, the NER model downloads (if needed) and loads
  3. Once NER is ready, the proxy hot-swaps to regex + NER detection — no restart required
The --ner flag defaults to quantized for the proxy command (unlike other commands which default to disabled). Pass --ner disabled to use regex-only detection.

Connecting Your Tools

The proxy prints connection instructions on startup. Here are the common setups: 
ANTHROPIC_BASE_URL=http://127.0.0.1:8787 claude

API Key Injection

Use --api-key (or the LLM_API_KEY environment variable) to inject an API key into upstream requests. This is useful when your tool authenticates via OAuth but the upstream API requires an API key: 
# Claude Code with Max uses OAuth — bridge it to API key auth
rehydra proxy claude --api-key sk-ant-...
ANTHROPIC_BASE_URL=http://127.0.0.1:8787 claude
The proxy uses in-memory storage — PII maps are not persisted to disk. Each proxy session starts fresh.

setup-ner

Download the NER model ahead of time so anonymize/inspect don’t need to download on first use. 
# Download quantized model (~280 MB)
rehydra setup-ner

# Download standard model (~1.1 GB)
rehydra setup-ner --ner standard

Round-Trip Example

# 1. Anonymize
rehydra anonymize letter.txt -o anonymized.txt --ner quantized

# 2. Process the anonymized text (e.g., translate externally)
# ... PII placeholders are preserved by most tools ...

# 3. Rehydrate
rehydra rehydrate translated.txt -o final.txt

Options Reference

FlagShortDefaultDescription
--output <file>-ostdoutOutput file
--format <fmt>-ftextOutput format: text, json, ndjson
--ner <mode>disabledNER mode: disabled, quantized, standard
--pii-map <file>.rehydra-pii-map.jsonPII map file path
--key <key>Encryption key (base64), or set REHYDRA_KEY env var
--types <types>allComma-separated PII types to detect
--mode <mode>pseudonymizepseudonymize (reversible) or anonymize (irreversible)
--locale <locale>Locale hint (e.g., de-DE)
--secretsEnable secrets/credentials detection
--env-file <file>.env file path for literal value redaction
--port <port>-p8787Proxy port (proxy command)
--upstream <url>Custom upstream URL, overrides provider default (proxy command)
--api-key <key>LLM API key for upstream, or set LLM_API_KEY env var (proxy command)
--tag-open <str><Tag open delimiter
--tag-close <str>/>Tag close delimiter
--tag-keyword <str>PIITag keyword
--no-colorDisable colored output
--verboseShow detection statistics
--quiet-qSuppress non-essential output
--help-hShow help
--version-VShow version

Custom Tag Format

By default, placeholders use XML-style tags: <PII type="EMAIL" id="1"/>. Use --tag-open, --tag-close, and --tag-keyword to change the format: 
# Bracket-style: [[PII type="EMAIL" id="1"]]
rehydra anonymize input.txt --tag-open '[[' --tag-close ']]'

# Custom keyword: {{REDACTED type="EMAIL" id="1"}}
rehydra anonymize input.txt --tag-open '{{' --tag-close '}}' --tag-keyword REDACTED
The same flags work with rehydrate, inspect, and proxy. Use matching flags during rehydration: 
rehydra anonymize input.txt -o anon.txt --tag-open '[[' --tag-close ']]'
rehydra rehydrate anon.txt --tag-open '[[' --tag-close ']]'

Output Formats

text (default)

Returns the anonymized text as-is: 
Contact <PII type="EMAIL" id="1"/> or call <PII type="PHONE" id="1"/>.

json

Structured JSON with anonymized text, entities, and stats: 
{
  "anonymizedText": "Contact <PII type=\"EMAIL\" id=\"1\"/>...",
  "entities": [
    { "type": "EMAIL", "id": 1, "confidence": 0.95, "source": "REGEX" }
  ],
  "stats": {
    "totalEntities": 1,
    "countsByType": { "EMAIL": 1 },
    "processingTimeMs": 5
  }
}

ndjson

One JSON line per entity, plus a summary line — useful for streaming pipelines: 
{"type":"EMAIL","id":1,"confidence":0.95,"source":"REGEX"}
{"_type":"summary","anonymizedText":"...","totalEntities":1,"processingTimeMs":5}

Encryption Key Management

By default, rehydra anonymize generates a random key and embeds it in the PII map file. For production use, supply your own key: 
# Generate a key
openssl rand -base64 32

# Use via environment variable
export REHYDRA_KEY="your-base64-key"
rehydra anonymize input.txt

# Or via flag (key is NOT stored in the PII map file)
rehydra anonymize input.txt --key "your-base64-key"
rehydra rehydrate output.txt --key "your-base64-key"
When you provide a key via --key or REHYDRA_KEY, it is not written to the PII map file, keeping it separate from the encrypted data.

Exit Codes

CodeMeaning
0Success (PII found and processed)
1Error
2Success but no PII detected

Next Steps

Quick Start

Use Rehydra programmatically in your app

PII Types

See all PII types the CLI can detect