Direct API

Applies to: Token-based backend integrations

Base URL: https://api.crittoraapis.com

Last updated: March 8, 2026

Use the Direct API when your backend authenticates first, then sends bearer-token requests directly to Crittora at https://api.crittoraapis.com.

Choose a runtime, not a model

JavaScript and Python are both first-class ways to use the same Direct API model. Pick the SDK that matches your service runtime.

Choose your runtime

JavaScript / TypeScript

Package: @crittora/sdk-js

Best fit: Node-first SDK with CrittoraClient, Cognito helper, and legacy shim

Open JS quickstart

Python

Package: crittora-sdk-python

Best fit: Typed sync and async clients, explicit auth wiring, and migration docs

Open Python quickstart

Raw HTTP

Package: No SDK required

Best fit: Use direct bearer-token requests if you already have your own transport layer

Open API reference

Direct API contract

Topic	Details
Authentication	Authenticate first, then send a bearer token on API requests.
Audience	Trusted backend services only.
Operations	encrypt, decrypt, sign-encrypt, decrypt-verify
SDK options	JavaScript/TypeScript, Python, or raw HTTP

Recommended path

Start with the SDK for your runtime, validate auth and permissions against one encrypt/decrypt flow, then use the API reference pages for operation names and payload concepts.

Direct API docs

Direct API summary

Bearer token

Backend only

Best for teams that want explicit control over auth, retries, transport, and runtime-specific SDK behavior.