Decrypt & Verify API
https://managed.crittoraapis.com/v1/decrypt-verify
This reference page documents the Managed API version of the decrypt-and-verify operation. It accepts request-time credentials and performs the hosted flow on your behalf.
Purpose
Use this endpoint when you are on the Managed API integration path and need Crittora to authenticate and perform decryption plus signature verification in one request.
API Details
Managed API headers
| Header | Type | Description | Required |
|---|---|---|---|
| username | string | AWS Cognito username | Yes |
| password | string | AWS Cognito password | Yes |
| api_key | string | Crittora partner API key | Yes |
| access_key | string | Crittora partner access key | Yes |
| secret_key | string | Crittora partner secret key | Yes |
Request Body
{
"encrypted_data": "base64_encoded_signed_encrypted_string"
}| Field | Type | Description | Required |
|---|---|---|---|
| encrypted_data | string | Base64-encoded string containing both encrypted and signed content | Yes |
Response
On success (HTTP 200), the response contains both the decrypted content and signature verification result.
Example Response:
{
"statusCode": 200,
"body": {
"decrypted_data": "sensitive information to encrypt",
"is_valid_signature": true,
"signed_by": "Rockville Insurance Group",
"signed_timestamp": "2025-10-19T17:28:27.659100+00:00"
}
}Additional metadata may include the original signature, public key, or timestamps depending on Crittora's payload.
Status Codes
HTTP status codes returned by the decrypt-verify endpoint.
Success Codes
| Code | Name | Description | Usage | Example |
|---|---|---|---|---|
200 | OK | Successfully decrypted data with verified signature | Request completed successfully | Decrypt and verify operation completed |
Error Codes
| Code | Name | Description | Usage | Example |
|---|---|---|---|---|
500 | Internal Server Error | Username and/or Password Incorrect | Authentication credentials are invalid | Invalid AWS Cognito username or password |
Code Examples
cURL Example:
curl -X POST https://managed.crittoraapis.com/v1/decrypt-verify \
-H "Content-Type: application/json" \
-H "username: your_cognito_username" \
-H "password: your_cognito_password" \
-H "api_key: your_crittora_api_key" \
-H "access_key: your_crittora_access_key" \
-H "secret_key: your_crittora_secret_key" \
-d '{
"encrypted_data": "eyJkYXRhIjoiZW5jcnlwdGVkX2Jhc2U2NF9zdHJpbmciLCJhbGdvcml0aG0iOiJBQ0VTLTI1Ni1HQ00ifQ=="
}'JavaScript Example:
const decryptAndVerify = async (encryptedData) => {
const response = await fetch("https://managed.crittoraapis.com/v1/decrypt-verify", {
method: "POST",
headers: {
"Content-Type": "application/json",
"username": "your_cognito_username",
"password": "your_cognito_password",
"api_key": "your_crittora_api_key",
"access_key": "your_crittora_access_key",
"secret_key": "your_crittora_secret_key"
},
body: JSON.stringify({ encrypted_data: encryptedData })
});
return await response.json();
};Python Example:
import requests
def decrypt_and_verify(encrypted_data):
url = "https://managed.crittoraapis.com/v1/decrypt-verify"
headers = {
"Content-Type": "application/json",
"username": "your_cognito_username",
"password": "your_cognito_password",
"api_key": "your_crittora_api_key",
"access_key": "your_crittora_access_key",
"secret_key": "your_crittora_secret_key"
}
payload = {"encrypted_data": encrypted_data}
response = requests.post(url, headers=headers, json=payload)
return response.json()Flow Summary
- Client sends managed credentials and the encrypted payload.
- The managed layer authenticates with Cognito.
- The managed layer invokes Crittora's decrypt-and-verify operation.
- Crittora:
- Decrypts the content
- Verifies the digital signature against stored public key
- The decrypted data and signature validation result are returned to the client.
Try it out: Use the interactive interface below to test the managed decrypt-verify endpoint with your encrypted and signed data.