default<\/strong> function to mask four of the columns, as shown in the following T-SQL script:<\/p>\nUSE master;\r\n GO\r\n CREATE DATABASE EmpData4;\r\n GO\r\n USE EmpData4;\r\n GO\r\n CREATE TABLE EmpInfo(\r\n \u00a0 EmpID INT PRIMARY KEY,\r\n \u00a0 FirstName NVARCHAR(50) NOT NULL,\r\n \u00a0 LastName NVARCHAR(50)\u00a0\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'default()') NOT NULL,\r\n \u00a0 Birthdate DATE \u00a0\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'default()') NOT NULL,\r\n \u00a0 CurrentFlag BIT \u00a0\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'default()') NOT NULL,\r\n \u00a0 SalesLastYear MONEY \u00a0\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'default()') NOT NULL,\r\n \u00a0 EmailAddress NVARCHAR(50),\r\n \u00a0 SickLeave INT,\r\n \u00a0 SalesYTD MONEY,\r\n \u00a0 NatID NVARCHAR(15),\r\n \u00a0 PhoneNumber NVARCHAR(25));\r\n GO\r\n INSERT INTO EmpInfo\u00a0\r\n SELECT e.BusinessEntityID,\r\n \u00a0 sp.FirstName, sp.LastName,\r\n \u00a0 e.BirthDate, e.CurrentFlag, sp.SalesLastYear,\r\n \u00a0 sp.EmailAddress, e.SickLeaveHours, sp.SalesYTD,\u00a0\r\n \u00a0 e.NationalIDNumber, sp.PhoneNumber\r\n FROM AdventureWorks2014.HumanResources.Employee e\r\n \u00a0 INNER JOIN AdventureWorks2014.Sales.vSalesPerson sp\r\n \u00a0 ON e.BusinessEntityID = sp.BusinessEntityID\r\n WHERE sp.CountryRegionName = 'United States';<\/pre>\nThe table includes a number of extra columns, which we\u2019ll be using in subsequent examples. For now, let\u2019s focus on the four DDM columns.<\/p>\n
The definition for each of these columns includes the MASKED<\/strong> WITH<\/strong> clause, which must come before the NULL<\/strong> or NOT<\/strong> NULL<\/strong> option. Within the clause, we specify the DDM function, in this case, default<\/strong>, enclosed in single quotes.<\/p>\nWith our table in place and populated, let\u2019s query the masked columns, using the same privileged account we used to create the table:<\/p>\n
SELECT TOP 5\r\n \u00a0 EmpID, FirstName, LastName,\u00a0\r\n \u00a0 Birthdate, CurrentFlag, SalesLastYear\u00a0\r\n FROM EmpInfo;<\/pre>\nBecause we\u2019re running the query under a privileged account, we have full access to the data, despite having implemented the masking rules. For this reason, the SELECT<\/strong> statement will return the same results (shown in the following table) that we would get if the masking rules had not been added to the column definitions.<\/p>\n\n\n\n| EmpID<\/td>\n | FirstName<\/td>\n | LastName<\/td>\n | Birthdate<\/td>\n | CurrentFlag<\/td>\n | SalesLastYear<\/td>\n<\/tr>\n<\/thead>\n |
\n\n| 274<\/td>\n | Stephen<\/td>\n | Jiang<\/td>\n | 1951-10-17<\/td>\n | 1<\/td>\n | 0.00<\/td>\n<\/tr>\n |
\n| 275<\/td>\n | Michael<\/td>\n | Blythe<\/td>\n | 1968-12-25<\/td>\n | 1<\/td>\n | 1750406.4785<\/td>\n<\/tr>\n |
\n| 276<\/td>\n | Linda<\/td>\n | Mitchell<\/td>\n | 1980-02-27<\/td>\n | 1<\/td>\n | 1439156.0291<\/td>\n<\/tr>\n |
\n| 277<\/td>\n | Jillian<\/td>\n | Carson<\/td>\n | 1962-08-29<\/td>\n | 1<\/td>\n | 1997186.2037<\/td>\n<\/tr>\n |
\n| 279<\/td>\n | Tsvi<\/td>\n | Reiter<\/td>\n | 1974-01-18<\/td>\n | 1<\/td>\n | 1849640.9418<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n Notice that we did not have to change our query in any way and that the data is unchanged. When the database engine saw that we had access rights to that data, it returned the values just like they\u2019re stored in the database.<\/p>\n Controlling access to masked data<\/h2>\nThe key to controlling access to masked data is in the privileges granted to the user accounts. When I created the table and then queried the data, I was logged in with an administrative account. However, an account that has been granted only SELECT<\/strong> permission on the table will see the data as masked.<\/p>\nTo test this out, let\u2019s start by creating a local user account on the EmpData4<\/strong> database and granting that account the SELECT<\/strong> permission:<\/p>\nUSE EmpData4;\r\n GO\r\n CREATE USER user1 WITHOUT LOGIN;\r\n GRANT SELECT ON OBJECT::dbo.EmpInfo TO user1; \u00a0\r\n GO<\/pre>\nThis should all be fairly straightforward. We\u2019ve created an account in the database that is not linked to a login (to keep things simple for our testing), and then we granted the SELECT<\/strong> permission to that account to allow read access to the EmpInfo<\/strong> table.<\/p>\nNow let\u2019s run our SELECT<\/strong> statement again, only this time, we\u2019ll do it within the context of the new user:<\/p>\nEXECUTE AS USER = 'user1';\r\n SELECT TOP 5\r\n \u00a0 EmpID, FirstName, LastName,\u00a0\r\n \u00a0 Birthdate, CurrentFlag, SalesLastYear\u00a0\r\n FROM EmpInfo;\r\n REVERT;<\/pre>\nWe\u2019re simply using the EXECUTE<\/strong> AS<\/strong> and REVERT<\/strong> statements to get the data that the new user would see. As the following table shows, the values in the four columns are now very different from how they\u2019re stored in the database.<\/p>\n\n\n\n| EmpID<\/td>\n | FirstName<\/td>\n | LastName<\/td>\n | Birthdate<\/td>\n | CurrentFlag<\/td>\n | SalesLastYear<\/td>\n<\/tr>\n<\/thead>\n | \n\n| 274<\/td>\n | Stephen<\/td>\n | xxxx<\/td>\n | 1900-01-01<\/td>\n | 0<\/td>\n | 0.00<\/td>\n<\/tr>\n | \n| 275<\/td>\n | Michael<\/td>\n | xxxx<\/td>\n | 1900-01-01<\/td>\n | 0<\/td>\n | 0.00<\/td>\n<\/tr>\n | \n| 276<\/td>\n | Linda<\/td>\n | xxxx<\/td>\n | 1900-01-01<\/td>\n | 0<\/td>\n | 0.00<\/td>\n<\/tr>\n | \n| 277<\/td>\n | Jillian<\/td>\n | xxxx<\/td>\n | 1900-01-01<\/td>\n | 0<\/td>\n | 0.00<\/td>\n<\/tr>\n | \n| 279<\/td>\n | Tsvi<\/td>\n | xxxx<\/td>\n | 1900-01-01<\/td>\n | 0<\/td>\n | 0.00<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n To begin with, the database engine returns each LastName<\/strong> value as xxxx<\/strong>. The LastName<\/strong> column is defined with the NVARCHAR(50)<\/strong> data type. The database engine returns the xxxx<\/strong> value for all masked character data, unless the column is defined at a smaller size. For example, a CHAR(2)<\/strong> column will return a masked value of xx<\/strong>.<\/p>\nThe database engine handles date\/time values differently. Consider the Birthdate<\/strong> column, which is configured with the DATE<\/strong> data type. Each value is returned as 1900-01-01<\/strong> (or whatever format is consistent with your regional settings). If this had been some variation of the DATETIME<\/strong> data type, such as DATETIME2<\/strong>, the returned values would be 1900-01-01<\/strong> 00:00:00:0000000<\/strong>.<\/p>\nFor numeric columns, the database engine returns 0<\/strong> or 0.00<\/strong>, if decimals are involved. In this case, the CurrentFlag<\/strong> column is configured with the BIT<\/strong> data type, which qualifies as numeric, and the SalesLastYear<\/strong> is configured with the MONEY<\/strong> data type.<\/p>\nRegardless of the data type, the default<\/strong> function results in the entire value being somehow masked, which means an unauthorized user would not be able to infer the actual value other than to know the type of data, such as character or date.<\/p>\nIn some cases, you might want to allow a user to view the data as unmasked. To do so, you would grant the UNMASK<\/strong> permission to the account:<\/p>\nGRANT UNMASK TO user1;\r\n GO<\/pre>\nNow when you run the SELECT<\/strong> statement as User1<\/strong>, the results will show the unmasked data. However, if you then decide that the account should not be able to access the data as unmasked, you can revoke the permission:<\/p>\nREVOKE UNMASK TO user1; \u00a0\r\n GO<\/pre>\nAfter you run this statement, the user will again see the data as masked, as defined by the masking rules in the column definitions.<\/p>\n Verifying column masks<\/h2>\nIf you want to view which columns are masked in your database and how that masking is implemented, you can use the sys.masked_columns<\/strong> system view, as shown in the following SELECT<\/strong> statement:<\/p>\nSELECT OBJECT_NAME(object_id) TableName,\u00a0\r\n \u00a0 name ColumnName,\u00a0\r\n \u00a0 masking_function MaskFunction\r\n FROM sys.masked_columns\r\n ORDER BY TableName, ColumnName;\u00a0<\/pre>\nIf you run the statement against our example database, you should see the following results.<\/p>\n \n\n\n| TableName<\/td>\n | ColumnName<\/td>\n | MaskFunction<\/td>\n<\/tr>\n<\/thead>\n | \n\n| EmpInfo<\/td>\n | Birthdate<\/td>\n | default()<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | CurrentFlag<\/td>\n | default()<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | LastName<\/td>\n | default()<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | SalesLastYear<\/td>\n | default()<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n In this case, we\u2019ve defined masking rules on only four columns in the EmpInfo<\/strong> table, with all rules using the default<\/strong> function. If we had used functions that require arguments, those arguments would be shown here as well.<\/p>\nApplying an email mask<\/h2>\nThe next function we\u2019ll look at is email<\/strong>, which is used specifically to mask email addresses. The email<\/strong> function is as simple to implement as the default<\/strong> function, except that it returns somewhat different results. The default<\/strong> function masks the entire value, whereas the email<\/strong> function masks all but the first letter and, in some cases, the Internet domain (e.g., .com, .org, .edu).<\/p>\nThe behavior of the email<\/strong> function might seem a bit odd because it returns the .com domain for all email addresses. For example, if the email address ends in .org or .edu, the masked value will read .com, as it would if the domain actually were .com. Another way to look at this is that the function masks the domain for all email addresses except those that end with .com.<\/p>\nRegardless of the domain issue, the process of defining the masking rule is quite straightforward:<\/p>\n ALTER TABLE EmpInfo\r\n ALTER COLUMN EmailAddress NVARCHAR(50) \u00a0\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'email()') NULL;<\/pre>\nIn this case, we\u2019re simply modifying the EmailAddress<\/strong> column to include the masking rule, with the email<\/strong> function specified. Now let\u2019s query the table as our privileged user:<\/p>\nSELECT TOP 5 EmpID, EmailAddress\u00a0\r\n FROM EmpInfo;<\/pre>\nAs expected, the SELECT<\/strong> statement returns the results shown in the following table.<\/p>\n\n\n\n| EmpID<\/td>\n | EmailAddress<\/td>\n<\/tr>\n<\/thead>\n | \n\n| 274<\/td>\n | stephen0@adventure-works.com<\/td>\n<\/tr>\n | \n| 275<\/td>\n | michael9@adventure-works.com<\/td>\n<\/tr>\n | \n| 276<\/td>\n | linda3@adventure-works.com<\/td>\n<\/tr>\n | \n| 277<\/td>\n | jillian0@adventure-works.com<\/td>\n<\/tr>\n | \n| 279<\/td>\n | tsvi0@adventure-works.com<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n This time, we\u2019ll run the SELECT<\/strong> statement as user1<\/strong>:<\/p>\nEXECUTE AS USER = 'user1';\r\n SELECT TOP 5 EmpID, EmailAddress\u00a0\r\n FROM EmpInfo;\r\n REVERT;<\/pre>\nNow our results now look quite different.<\/p>\n \n\n\n| EmpID<\/td>\n | EmailAddress<\/td>\n<\/tr>\n<\/thead>\n | \n\n| 274<\/td>\n | sXXX@XXXX.com<\/td>\n<\/tr>\n | \n| 275<\/td>\n | mXXX@XXXX.com<\/td>\n<\/tr>\n | \n| 276<\/td>\n | lXXX@XXXX.com<\/td>\n<\/tr>\n | \n| 277<\/td>\n | jXXX@XXXX.com<\/td>\n<\/tr>\n | \n| 279<\/td>\n | tXXX@XXXX.com<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n That\u2019s all there is to masking email addresses. You might decide it\u2019s just as easy to go with the default<\/strong> function to mask the data. In most cases, the value xxxx<\/strong> will work as effectively as tXXX@XXXX<\/strong>.com<\/strong>. The only advantage to the latter is that it telegraphs to the user that this value is a masked email address, and perhaps that\u2019s exactly what you want to do.<\/p>\nApplying a random mask<\/h2>\nThe next function available to the masking rules is random<\/strong>, which replaces numerical values with a random value within a specified range. For example, we can apply the function to the SickLeave<\/strong> column, which is configured with the INT<\/strong> data type:<\/p>\nALTER TABLE EmpInfo\r\n ALTER COLUMN SickLeave INT\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'random(1, 5)') NOT NULL;<\/pre>\nIn this case, we want the returned random value to fall between 1<\/strong> and 5<\/strong>. We define the range by adding the range limits as arguments to the function. We can do something similar with the SalesYTD<\/strong> column, which is configured with the MONEY<\/strong> data type:<\/p>\nALTER TABLE EmpInfo\r\n ALTER COLUMN SalesYTD MONEY \u00a0\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'random(101, 999)') NOT NULL;<\/pre>\nThis time we want the returned values to fall between 101<\/strong> and 999<\/strong>. Now let\u2019s run a query against these columns using our privileged account:<\/p>\nSELECT TOP 5 EmpID, SickLeave, SalesYTD\u00a0\r\n FROM EmpInfo;<\/pre>\nNot surprisingly, we get the results shown in the following table.<\/p>\n \n\n\n| EmpID<\/td>\n | SickLeave<\/td>\n | SalesYTD<\/td>\n<\/tr>\n<\/thead>\n | \n\n| 274<\/td>\n | 27<\/td>\n | 559697.5639<\/td>\n<\/tr>\n | \n| 275<\/td>\n | 39<\/td>\n | 3763178.1787<\/td>\n<\/tr>\n | \n| 276<\/td>\n | 33<\/td>\n | 4251368.5497<\/td>\n<\/tr>\n | \n| 277<\/td>\n | 32<\/td>\n | 3189418.3662<\/td>\n<\/tr>\n | \n| 279<\/td>\n | 34<\/td>\n | 2315185.611<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n Next, we\u2019ll query the table as user1<\/strong>:<\/p>\nEXECUTE AS USER = 'user1';\r\n SELECT TOP 5 EmpID, SickLeave, SalesYTD \u00a0\r\n FROM EmpInfo;\r\n REVERT;<\/pre>\nNow the returned values fall within the specified ranges, as shown in the following table.<\/p>\n \n\n\n| EmpID<\/td>\n | SickLeave<\/td>\n | SalesYTD<\/td>\n<\/tr>\n<\/thead>\n | \n\n| 274<\/td>\n | 2<\/td>\n | 335.2532<\/td>\n<\/tr>\n | \n| 275<\/td>\n | 1<\/td>\n | 814.2846<\/td>\n<\/tr>\n | \n| 276<\/td>\n | 3<\/td>\n | 142.2145<\/td>\n<\/tr>\n | \n| 277<\/td>\n | 2<\/td>\n | 428.1147<\/td>\n<\/tr>\n | \n| 279<\/td>\n | 5<\/td>\n | 290.1132<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n Notice that for the SalesYTD<\/strong> column, the database engine preserves the decimal, but still returns values within the specified range.<\/p>\nBe careful when using the random<\/strong> function so you don\u2019t create a situation in which users that need accurate data assume that the information they\u2019re seeing is correct. As with the email<\/strong> function, you might be better off using the default<\/strong> function. At least that way, users are seeing all zeroes and will likely realize that the data is inaccurate. On the other hand, if your intention is to deceive non-privileged users, then by all means, use the random<\/strong> function.<\/p>\nApplying a partial mask<\/h2>\nThe final function available to the masking rules is partial<\/strong>, which allows you to specify exactly which values are masked. This function works best for column data that is consistently formatted, such as credit card numbers or national IDs.<\/p>\nTo demonstrate how the partial<\/strong> function works, we\u2019ll start by applying it to the NatID<\/strong> column, which stores social security numbers, without the hyphens. For these values, we want to mask all but the last four digits, as shown in the following ALTER<\/strong> TABLE<\/strong> statement:<\/p>\nALTER TABLE EmpInfo\r\n ALTER COLUMN NatID NVARCHAR(15)\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'partial(0, \"xxxxx\", 4)') NOT NULL;<\/pre>\nTo implement a partial<\/strong> masking rule, we must specify three arguments: how many opening characters to reveal, how many middle characters to mask and how to mask them, and how many trailing characters to reveal. In this case, we are revealing no opening characters (0<\/strong>), masking the first five characters with x<\/strong> values (xxxxx<\/strong>), and revealing the last four characters (4<\/strong>).<\/p>\nNow we\u2019ll do something similar for the PhoneNumber<\/strong> column, only this time, we\u2019ll reveal the first four characters, apply the value xxx-xxxx<\/strong> to the next seven characters, and reveal no trailing characters:<\/p>\nALTER TABLE EmpInfo\r\n ALTER COLUMN PhoneNumber NVARCHAR(25)\u00a0\r\n \u00a0 \u00a0 MASKED WITH (FUNCTION = 'partial(4, \"xxx-xxxx\", 0)') NULL;<\/pre>\nTo see what the data looks like, we\u2019ll query the table with our privileged account:<\/p>\n SELECT TOP 5 EmpID, NatID, PhoneNumber\u00a0\r\n FROM EmpInfo;<\/pre>\nAs the following table shows, the results include the same data that\u2019s stored in the database.<\/p>\n \n\n\n| EmpID<\/td>\n | NatID<\/td>\n | PhoneNumber<\/td>\n<\/tr>\n<\/thead>\n | \n\n| 274<\/td>\n | 502097814<\/td>\n | 238-555-0197<\/td>\n<\/tr>\n | \n| 275<\/td>\n | 841560125<\/td>\n | 257-555-0154<\/td>\n<\/tr>\n | \n| 276<\/td>\n | 191644724<\/td>\n | 883-555-0116<\/td>\n<\/tr>\n | \n| 277<\/td>\n | 615389812<\/td>\n | 517-555-0117<\/td>\n<\/tr>\n | \n| 279<\/td>\n | 716374314<\/td>\n | 664-555-0112<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n Next, let\u2019s query the table as user1<\/strong>:<\/p>\nEXECUTE AS USER = 'user1';\r\n SELECT TOP 5 EmpID, NatID, PhoneNumber \u00a0\r\n FROM EmpInfo;\r\n REVERT;<\/pre>\nThis time, the NatID<\/strong> values and PhoneNumber<\/strong> values are masked according to our masking rules.<\/p>\n\n\n\n| EmpID<\/td>\n | NatID<\/td>\n | PhoneNumber<\/td>\n<\/tr>\n<\/thead>\n | \n\n| 274<\/td>\n | xxxxx7814<\/td>\n | 238-xxx-xxxx<\/td>\n<\/tr>\n | \n| 275<\/td>\n | xxxxx0125<\/td>\n | 257-xxx-xxxx<\/td>\n<\/tr>\n | \n| 276<\/td>\n | xxxxx4724<\/td>\n | 883-xxx-xxxx<\/td>\n<\/tr>\n | \n| 277<\/td>\n | xxxxx9812<\/td>\n | 517-xxx-xxxx<\/td>\n<\/tr>\n | \n| 279<\/td>\n | xxxxx4314<\/td>\n | 664-xxx-xxxx<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n The partial<\/strong> function can be a particularly useful tool, as long as the column values are in a consistent format. If they\u2019re not, you might need to separate those values into different columns or come up with another strategy.<\/p>\nVerifying column masks, again<\/h2>\nNow that we have all our masking rules in place, let\u2019s query the sys.masked_columns<\/strong> system view once more:<\/p>\nSELECT OBJECT_NAME(object_id) TableName,\u00a0\r\n \u00a0 name ColumnName,\u00a0\r\n \u00a0 masking_function MaskFunction\r\n FROM sys.masked_columns\r\n ORDER BY TableName, ColumnName;\u00a0<\/pre>\nOur results should now look similar to those shown in the following table.<\/p>\n \n\n\n| TableName<\/td>\n | ColumnName<\/td>\n | MaskFunction<\/td>\n<\/tr>\n<\/thead>\n | \n\n| EmpInfo<\/td>\n | Birthdate<\/td>\n | default()<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | CurrentFlag<\/td>\n | default()<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | EmailAddress<\/td>\n | email()<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | LastName<\/td>\n | default()<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | NatID<\/td>\n | partial(0, “xxxxx”, 4)<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | PhoneNumber<\/td>\n | partial(4, “xxx-xxxx”, 0)<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | SalesLastYear<\/td>\n | default()<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | SalesYTD<\/td>\n | random(101, 999)<\/td>\n<\/tr>\n | \n| EmpInfo<\/td>\n | SickLeave<\/td>\n | random(1, 5)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n As pointed out earlier, the results include the function arguments, where applicable, making it easier to pinpoint where you might be having issues should your masked data not be exactly what you expect.<\/p>\n Masking columns data<\/h2>\nThe DDM feature in SQL Server 2016 is a handy way to mask data without needing to modify your queries or applications. The four functions supported by the masking rules\u2014default<\/strong>, email<\/strong>, random<\/strong>, and partial<\/strong>\u2014are simple to implement within your column definitions. And because masking is controlled through SQL Server permissions, you can determine exactly who gets to see the unmasked data and who does not. Again, just be sure that masking is part of a larger security strategy and not your sole solution for protecting sensitive data.<\/p>\n","protected":false},"excerpt":{"rendered":"Dynamic Data Masking is a good way of rendering data unreadable for such purposes as user-acceptance testing, or demonstrating an application. It doesn’t encrypt the data, and a knowledgeable SQL user can defeat it. However it provides a simple way to administer from the database what data the various users of a database application can and can not see, making it a useful tool for the developer.…<\/p>\n","protected":false},"author":221841,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[143531],"tags":[],"coauthors":[6779],"class_list":["post-70216","post","type-post","status-publish","format-standard","hentry","category-t-sql-programming-sql-server"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/70216","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/users\/221841"}],"replies":[{"embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/comments?post=70216"}],"version-history":[{"count":4,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/70216\/revisions"}],"predecessor-version":[{"id":72102,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/posts\/70216\/revisions\/72102"}],"wp:attachment":[{"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/media?parent=70216"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/categories?post=70216"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/tags?post=70216"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.red-gate.com\/simple-talk\/wp-json\/wp\/v2\/coauthors?post=70216"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}} | | | | | | | | | |