Skip to main content

Upload to Evidence API

Upload files to evidence records in the Ciphrix platform.

Endpoint

POST /api/v3/upload/evidence

Full URL

Beta Environment:

https://global.api.beta.ciphrix.app/api/v3/upload/evidence

Production Environment:

{provided-url}/api/v3/upload/evidence

Authentication

Requires Bearer token authentication:

Authorization: Bearer <YOUR_API_KEY>

Request

Headers

  • Content-Type: multipart/form-data
  • Authorization: Bearer <YOUR_API_KEY>

Request Body Parameters

ParameterTypeRequiredDescription
evidence_codestringYesEvidence code identifier. This value is available in the platform on the evidence page.
filesarrayYesFiles to attach. Multiple files can be uploaded in a single request.

Evidence Code Format

Evidence codes follow the format: CPX-EVC-{number}

Example: CPX-EVC-0133

You can find the evidence code in the Ciphrix platform on the evidence details page.

Files Format

Files should be provided as multipart form data with the following format:

files=@/path/to/file.pdf;type=application/pdf

Multiple files can be uploaded by repeating the files parameter.

Response

Success Response (200 OK)

{
    "status": 200,
    "message": "Files uploaded successfully",
    "data": {
        "no_of_files_uploaded": 2
    }
}

Response Fields

FieldTypeDescription
statusintegerHTTP status code
messagestringSuccess or error message
dataobjectOptional - contains upload data
data.no_of_files_uploadedintegerCount of successfully uploaded files

Error Response (400 Bad Request)

{
    "status": 400,
    "message": "Failed to upload files to evidence"
}

Common HTTP Status Codes

  • 200 - OK - Files uploaded successfully
  • 400 - Bad Request - Invalid request parameters (missing evidence_code, invalid files)
  • 401 - Unauthorized - Missing or invalid API key
  • 404 - Not Found - Evidence code not found

Request Examples

cURL Example

curl -k -v -X POST \
'https://global.api.beta.ciphrix.app/api/v3/upload/evidence' \
-H 'Authorization: Bearer cpx_beta_ABCDEFGHJKILKEY' \
-F 'evidence_code=CPX-EVC-0147' \
-F 'files=@/Users/my-laptop-user/my-folder/my-document-1.pdf;type=application/pdf' \
-F 'files=@/Users/my-laptop-user/my-folder/my-document-2.pdf;type=application/pdf'

JavaScript (Node.js) Example

const FormData = require('form-data');
const fs = require('fs');
const axios = require('axios');

const form = new FormData();
form.append('evidence_code', 'CPX-EVC-0147');
form.append('files', fs.createReadStream('/path/to/document-1.pdf'));
form.append('files', fs.createReadStream('/path/to/document-2.pdf'));

axios.post('https://global.api.beta.ciphrix.app/api/v3/upload/evidence', form, {
  headers: {
    ...form.getHeaders(),
    'Authorization': 'Bearer cpx_beta_ABCDEFGHJKILKEY'
  }
})
.then(response => {
  console.log('Success:', response.data);
  console.log('Files uploaded:', response.data.data.no_of_files_uploaded);
})
.catch(error => {
  console.error('Error:', error.response?.data || error.message);
});

Python Example

import requests

url = "https://global.api.beta.ciphrix.app/api/v3/upload/evidence"

headers = {
    "Authorization": "Bearer cpx_beta_ABCDEFGHJKILKEY"
}

data = {
    "evidence_code": "CPX-EVC-0147"
}

files = [
    ("files", open("/path/to/document-1.pdf", "rb")),
    ("files", open("/path/to/document-2.pdf", "rb"))
]

response = requests.post(url, headers=headers, data=data, files=files)

print("Status:", response.status_code)
print("Response:", response.json())

if response.status_code == 200:
    print("Files uploaded:", response.json()["data"]["no_of_files_uploaded"])

Use Cases

Automated Evidence Collection

Automatically upload compliance evidence from your systems:

async function uploadEvidence(evidenceCode, filePaths) {
  const FormData = require('form-data');
  const fs = require('fs');
  const axios = require('axios');

  const form = new FormData();
  form.append('evidence_code', evidenceCode);

  filePaths.forEach(filePath => {
    form.append('files', fs.createReadStream(filePath));
  });

  try {
    const response = await axios.post(
      'https://global.api.beta.ciphrix.app/api/v3/upload/evidence',
      form,
      {
        headers: {
          ...form.getHeaders(),
          'Authorization': `Bearer ${process.env.CIPHRIX_API_KEY}`
        }
      }
    );

    console.log(`Successfully uploaded ${response.data.data.no_of_files_uploaded} files`);
    return response.data;
  } catch (error) {
    console.error('Upload failed:', error.response?.data || error.message);
    throw error;
  }
}

// Usage
uploadEvidence('CPX-EVC-0147', [
  './evidence/audit-log.pdf',
  './evidence/security-scan.pdf'
]);

Batch Upload Multiple Evidence Items

import os
import requests

def batch_upload_evidence(evidence_files_map):
    """
    Upload files to multiple evidence codes
    evidence_files_map: dict with evidence_code as key and list of file paths as value
    """
    url = "https://global.api.beta.ciphrix.app/api/v3/upload/evidence"
    headers = {"Authorization": f"Bearer {os.getenv('CIPHRIX_API_KEY')}"}
    
    results = []
    for evidence_code, file_paths in evidence_files_map.items():
        data = {"evidence_code": evidence_code}
        files = [("files", open(path, "rb")) for path in file_paths]
        
        response = requests.post(url, headers=headers, data=data, files=files)
        results.append({
            "evidence_code": evidence_code,
            "status": response.status_code,
            "files_uploaded": response.json().get("data", {}).get("no_of_files_uploaded", 0)
        })
        
        # Close file handles
        for _, file_handle in files:
            file_handle.close()
    
    return results

# Usage
evidence_map = {
    "CPX-EVC-0133": ["./docs/policy1.pdf", "./docs/policy2.pdf"],
    "CPX-EVC-0147": ["./scans/security-report.pdf"]
}

results = batch_upload_evidence(evidence_map)
for result in results:
    print(f"{result['evidence_code']}: {result['files_uploaded']} files uploaded")

Troubleshooting

Evidence Code Not Found

Issue: Receiving 404 error for evidence code

  • Verify the evidence code exists in your Ciphrix account
  • Check that the format is correct (CPX-EVC-XXXX)
  • Ensure you're using the correct environment (Beta vs Production)

File Upload Failed

Issue: Files not uploading or upload fails

  • Verify file paths are correct and files exist
  • Check file permissions (files must be readable)
  • Ensure files are not empty or corrupted
  • Verify the content-type is set correctly

Authentication Failed

Issue: 401 Unauthorized error

  • Verify your API key is correct
  • Ensure the Authorization header format is correct
  • Check that the API key hasn't been revoked

Support

Need help with the Upload to Evidence API?