Encrypt API

POST

https://managed.crittoraapis.com/v1/encrypt

This endpoint authenticates users through AWS Cognito and encrypts data using the Crittora Encryption API. It serves as a secure encryption proxy for your applications.

Purpose

The Encrypt API provides a secure way to encrypt sensitive data by authenticating users through AWS Cognito and leveraging the Crittora Encryption API. This endpoint acts as a secure proxy, ensuring your data is encrypted using industry-standard encryption methods.

API Details

Headers

Header	Type	Description	Required
username	string	Cognito username	Yes
password	string	Cognito password	Yes
api_key	string	Partner-level API key from Crittora	Yes
access_key	string	Partner access key from Crittora	Yes
secret_key	string	Partner secret key from Crittora	Yes

Request Body

{
  "data": "string"
}

Field	Type	Description	Required
data	string	The plaintext data to encrypt	Yes

Response

Returns the encrypted payload from Crittora in JSON format.

Example Response:

{
  "statusCode": 200,
  "body": {
    "encrypted_data": "ugHTJ-ziCZ-QmWh8ruNJ0ojgwY8iA7OmPVGZDzVlGmImv4A4xWJ6HLchv_dRFZEdl7CB8i_F8KlEgTumCAY86B4n5jltbB8NnSiIvlyZT8WkyIDVCJX6F7VT6R_Wt99PjTg7Q"
  }
}

Status Codes

HTTP status codes returned by the encrypt endpoint.

Success Codes

Code	Name	Description	Usage	Example
200	OK	Successfully encrypted data	Request completed successfully	Encryption operation completed

Error Codes

Code	Name	Description	Usage	Example
500	Internal Server Error	Username and/or Password Incorrect	Authentication credentials are invalid	Invalid AWS Cognito username or password

Status Code Best Practices

Always check the status code before processing response data
Implement proper error handling for error status codes
Use appropriate HTTP methods and status codes for your use case

Code Examples

cURL Example:

curl -X POST https://managed.crittoraapis.com/v1/encrypt \
  -H "Content-Type: application/json" \
  -H "username: your_cognito_username" \
  -H "password: your_cognito_password" \
  -H "api_key: your_crittora_api_key" \
  -H "access_key: your_crittora_access_key" \
  -H "secret_key: your_crittora_secret_key" \
  -d '{
    "data": "sensitive information to encrypt"
  }'

JavaScript Example:

// Using fetch API
const encryptData = async (data) => {
  const response = await fetch('https://managed.crittoraapis.com/v1/encrypt', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'username': 'your_cognito_username',
      'password': 'your_cognito_password',
      'api_key': 'your_crittora_api_key',
      'access_key': 'your_crittora_access_key',
      'secret_key': 'your_crittora_secret_key'
    },
    body: JSON.stringify({ data })
  });
  
  return await response.json();
};

Python Example:

import requests

def encrypt_data(data):
    url = "https://managed.crittoraapis.com/v1/encrypt"
    headers = {
        "Content-Type": "application/json",
        "username": "your_cognito_username",
        "password": "your_cognito_password",
        "api_key": "your_crittora_api_key",
        "access_key": "your_crittora_access_key",
        "secret_key": "your_crittora_secret_key"
    }
    
    payload = {"data": data}
    response = requests.post(url, headers=headers, json=payload)
    return response.json()

Flow Summary

API caller sends user credentials and API keys in headers, and plaintext data in the JSON body.
Lambda authenticates user with AWS Cognito and gets a bearer token.
Lambda calls Crittora's /encrypt endpoint with:
- Authorization bearer token
- Crittora partner API credentials
- Requested action: ["e"] for encryption
Response is returned with encrypted data and metadata.

Security Notes

Sensitive credentials (passwords, API keys) must not be logged or exposed.
Use HTTPS and secure client storage for all keys.
Rotate Cognito and Crittora keys periodically.

Try it out: Use the interactive API interface below to test the encrypt endpoint with your own data.

Loading API specification...