TrigGuard
TRIGGUARD DATA_EXPORT
Request access

Data Export Authorization

Gate bulk data exports. Authorize before exports execute. Cryptographic proof of who exported what.

Data Exports Are High-Risk

Bulk data exports can exfiltrate sensitive data, expose PII, or violate data residency requirements. Once data leaves your system, you can't get it back.

TrigGuard authorizes exports before they execute. Every export gets a signed receipt documenting who authorized it.

What Gets Authorized

Database Dumps

pg_dump, mysqldump, mongodump. Full or partial database exports.

Analytics Extracts

BigQuery exports, Snowflake unloads, data warehouse extracts.

Backup Downloads

Downloading backup files from storage to local machines.

Batch Exports

Scheduled or ad-hoc bulk data pipelines to external systems.

Integration Example

PRIVATE BETA — request access. The Execution Authorization Gateway (reference protocol TG-EXECUTION-AUTH-01) is currently available to selected partners. The verification surface at https://trigguardai.com/protocol/* is live today and requires no key. Contact TrigGuard for integration access.

# Gate pg_dump on an authorization decision from the gateway.
# The gateway host shown here (api.trigguardai.com) is private beta;
# replace with the endpoint provided during access onboarding.
DECISION=$(curl -s -X POST https://api.trigguardai.com/execute \
 -H "Authorization: Bearer $TRIGGUARD_API_KEY" \
 -H "Content-Type: application/json" \
 -d '{
   "surface": "data.export",
   "action": "pg-dump",
   "context": {"database": "production", "tables": ["users", "orders"]}
 }' | jq -r '.decision')

if [ "$DECISION" = "PERMIT" ]; then
 pg_dump -h prod-db -d myapp -t users -t orders > export.sql
else
 echo "[TrigGuard] Export blocked: decision=$DECISION"
 exit 1
fi

Receipt verification is offline against /.well-known/trigguard-keys.json using the CLI or /verify. See the developer guide for integration patterns.

Policy Examples

PII Tables Require explicit approval for tables with PII
Size Limits Block exports over configurable row count
Time Windows Allow exports only during business hours
Destination Check Only allow exports to approved destinations

Compliance Benefits

Every export produces a signed receipt. Answer "who exported this data and when?" with cryptographic proof.

GDPR / Data Residency

Document authorization for data transfers. Prove compliance with data residency requirements. Audit trail for Subject Access Requests.

Protect Your Data

Add authorization gates to data export workflows. Start protecting exports in 10 minutes.

Integration Guide Request Access