Getting Started with the Crittora API
The Crittora API offers secure encryption, decryption, and digital signature primitives that combine AWS Cognito authentication with partner credentials. Every request must travel over HTTPS and include both Cognito credentials (username and password) as well as your partner api_key/access_key/secret_key combination.
Authentication & Servers
Required headers for every request:
| Header | Purpose |
|---|---|
| username | AWS Cognito username for your service account |
| password | AWS Cognito password paired with the username |
| api_key | Crittora partner API key |
| access_key | Crittora partner access key |
| secret_key | Crittora partner secret key |
Quick-start Steps
- 1. Provision AWS Cognito service account credentials.
Cognito secures authentication before you call any Crittora endpoint.
- 2. Obtain your partner api_key/access_key/secret_key.
These are tied to your organization and should be rotated regularly.
- 3. Call /encrypt to secure your first payload.
Use the header set and JSON body shown below.
Sample Encryption Request
Match the header set above and swap in your production or staging server as needed. Every request returns a JSON envelope with `statusCode` and a `body` containing the encrypted payload.
POST https://managed.crittoraapi.com/v1/encrypt
Headers:
Content-Type: application/json
username: <Cognito username>
password: <Cognito password>
api_key: <Crittora API key>
access_key: <Crittora access key>
secret_key: <Crittora secret key>
Body:
{
"data": "sensitive information to encrypt"
}Sample Response
{
"statusCode": 200,
"body": {
"encrypted_data": "ugHTJ-ziCZ-QmWh8ruNJ0ojgwY8iA7OmPVGZDzVlGmImv4A4xWJ6HLchv_dRFZEdl7CB8i_F8KlEgTumCAY86B4n5jltbB8NnSiIvlyZT8WkyIDVCJX6F7VT6R_Wt99PjTg7Q"
}
}Additional Guidance
- Use staging endpoints to test before hitting production.
- Rotate Cognito and partner keys at least quarterly.
- All requests are rate limited per user; contact support for higher throughput.
Need Help?
Reach out to support@crittora.com for account setup, credential rotations, or rate limit increases.
Contact the team