Choose your integration path
Crittora supports two integration models. Start by choosing the one that matches how you want authentication and API access to work in your backend.
Common choices
Direct API
Auth model: Authenticate once, then call the API with bearer tokens.
Best for: Backend systems that want token-based control with JS, Python, or raw HTTP.
Base URL: https://api.crittoraapis.com
Start Direct API setupManaged API
Auth model: Send username, password, api_key, access_key, and secret_key with each request.
Best for: Teams that want Crittora to host the Cognito interaction.
Base URL: https://managed.crittoraapis.com/v1
Start Managed API setupCompare the two modes
Compare base URL, authentication model, and ideal use case before you commit to an implementation path.
| Mode | Base URL | Authentication | Best for |
|---|---|---|---|
| Direct API | https://api.crittoraapis.com | Authenticate once, then call the API with bearer tokens. | Backend systems that want token-based control with JS, Python, or raw HTTP. |
| Managed API | https://managed.crittoraapis.com/v1 | Send username, password, api_key, access_key, and secret_key with each request. | Teams that want Crittora to host the Cognito interaction. |
Recommended reading order
- Pick your integration model.
- Complete the matching quickstart for Direct API or Managed API.
- Use the API Reference pages for request and response payloads.
Frequently asked questions
What is the difference between Direct API and Managed API?
The Direct API flow authenticates first and then uses bearer-token requests against https://api.crittoraapis.com. The Managed API flow sends username, password, api_key, access_key, and secret_key with each request to https://managed.crittoraapis.com/v1.
Which integration should I choose?
Choose Direct API if your backend wants a token-based server-to-server integration and you want to use JS, Python, or raw HTTP. Choose Managed API if you want Crittora to handle the Cognito interaction for each request.
Do the API reference pages cover both flows?
The endpoint reference pages currently document the Managed API request shape. If you are using the token-based direct flow, start with the Direct API overview and the runtime quickstart for JS or Python, then use the reference pages for operation names and payload concepts.
Integration modes
The endpoint reference pages currently document the managed API request shape. Start with the Direct API guide if you are using the direct token-based flow.