Sign & Encrypt API
https://managed.crittoraapis.com/v1/sign-encrypt
This reference page documents the Managed API version of the sign-and-encrypt operation. It accepts request-time credentials and runs the hosted flow on your behalf.
Purpose
Use this endpoint when you are on the Managed API integration path and need Crittora to handle authentication and perform the signing and encryption sequence in one request.
API Details
Managed API headers
| Header | Type | Description | Required |
|---|---|---|---|
| username | string | AWS Cognito username | Yes |
| password | string | AWS Cognito password | Yes |
| api_key | string | Crittora partner API key | Yes |
| access_key | string | Crittora partner access key | Yes |
| secret_key | string | Crittora partner secret key | Yes |
Request Body
{
"data": "plain_text_to_sign_and_encrypt"
}| Field | Type | Description | Required |
|---|---|---|---|
| data | string | Raw plaintext data to be processed | Yes |
Response
A successful response will include the encrypted output along with its digital signature and associated metadata.
Example Response:
{
"statusCode": 200,
"body": {
"encrypted_data": "ugHTJ-ziCZ-QmWh8ruNJ0ojgwY8iA7OmPVGZDzVlGmImv4A4xWJ6HLchv_dRFZEdl7CB8i_F8KlEgTumCAY86B4n5jltbB8NnSiIvlyZT8WkyIDVCJX6F7VT6R_Wt99PjTg7Q"
}
}Status Codes
HTTP status codes returned by the sign-encrypt endpoint.
Success Codes
| Code | Name | Description | Usage | Example |
|---|---|---|---|---|
200 | OK | Successfully signed and encrypted data | Request completed successfully | Sign and encrypt operation completed |
Error Codes
| Code | Name | Description | Usage | Example |
|---|---|---|---|---|
500 | Internal Server Error | Username and/or Password Incorrect | Authentication credentials are invalid | Invalid AWS Cognito username or password |
Code Examples
cURL Example:
curl -X POST https://managed.crittoraapis.com/v1/sign-encrypt \
-H "Content-Type: application/json" \
-H "username: your_cognito_username" \
-H "password: your_cognito_password" \
-H "api_key: your_crittora_api_key" \
-H "access_key: your_crittora_access_key" \
-H "secret_key: your_crittora_secret_key" \
-d '{
"data": "sensitive information to sign and encrypt"
}'JavaScript Example:
const signAndEncrypt = async (data) => {
const response = await fetch("https://managed.crittoraapis.com/v1/sign-encrypt", {
method: "POST",
headers: {
"Content-Type": "application/json",
"username": "your_cognito_username",
"password": "your_cognito_password",
"api_key": "your_crittora_api_key",
"access_key": "your_crittora_access_key",
"secret_key": "your_crittora_secret_key"
},
body: JSON.stringify({ data })
});
return await response.json();
};Python Example:
import requests
def sign_and_encrypt(data):
url = "https://managed.crittoraapis.com/v1/sign-encrypt"
headers = {
"Content-Type": "application/json",
"username": "your_cognito_username",
"password": "your_cognito_password",
"api_key": "your_crittora_api_key",
"access_key": "your_crittora_access_key",
"secret_key": "your_crittora_secret_key"
}
payload = {"data": data}
response = requests.post(url, headers=headers, json=payload)
return response.json()Operational Flow
- The managed layer authenticates with Cognito using the supplied credentials.
- The managed layer sends the sign-and-encrypt request to Crittora with:
- Cognito bearer token
- Crittora partner credentials
- Raw data and requested actions ["s", "e"]
- Crittora returns the encrypted payload and digital signature.
- The combined result is returned to the caller.
Try it out: Use the interactive interface below to test the managed sign-encrypt endpoint with your data.