This section documents the Secryn API endpoints and functionality.
All API requests require authentication using a valid API key:
curl -H "Authorization: Bearer YOUR_API_KEY" https://api.secryn.com/v1/endpoint
https://api.secryn.com/v1
Secryn uses application-level encryption with secure key handling to protect sensitive data at rest. For API usage, pair that with scoped tokens, RBAC, audit logs, and HTTPS in transit.
Check the health of the API:
GET /health
Response:
{
"status": "ok",
"version": "1.0.0"
}
The API provides endpoints for managing various resources. Each resource typically supports:
GET /resources - List all resourcesGET /resources/:id - Get a specific resourcePOST /resources - Create a new resourcePUT /resources/:id - Update a resourceDELETE /resources/:id - Delete a resourcecurl -H "Authorization: Bearer YOUR_API_KEY" \
https://api.secryn.com/v1/resources
Response:
{
"data": [
{
"id": "res_123",
"name": "Example Resource",
"created_at": "2024-01-15T10:30:00Z"
}
],
"pagination": {
"total": 1,
"page": 1,
"limit": 50
}
}
API requests are rate-limited to prevent abuse:
Rate limit information is included in response headers:
X-RateLimit-Limit - Total requests allowedX-RateLimit-Remaining - Remaining requestsX-RateLimit-Reset - Unix timestamp when limit resetsThe API returns standard HTTP status codes:
200 - Success400 - Bad Request401 - Unauthorized403 - Forbidden404 - Not Found429 - Too Many Requests500 - Server ErrorError response format:
{
"error": {
"code": "INVALID_REQUEST",
"message": "Invalid request parameters",
"details": {
"field": "api_key",
"reason": "Missing required field"
}
}
}
Configure webhooks to receive events:
curl -X POST https://api.secryn.com/v1/webhooks \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"url": "https://example.com/webhook",
"events": ["resource.created", "resource.updated"]
}'
List endpoints support pagination:
curl -H "Authorization: Bearer YOUR_API_KEY" \
"https://api.secryn.com/v1/resources?page=2&limit=25"