API Setup Guide
This guide walks you through setting up API access to the Ciphrix platform.
Prerequisites
Before you begin:
- Active Ciphrix account
- Access to the Ciphrix platform
- Basic understanding of REST APIs and HTTP requests
Step 1: Generate an API Key
Access API Keys
-
Log in to Ciphrix Platform
- Go to ciphrix.app
- Sign in with your credentials
-
Navigate to System Settings
- Click on System Settings in the navigation menu
- Select API Keys from the settings options
-
Generate New API Key
- Click Generate New API Key or Create API Key
- Give your API key a descriptive name (e.g., "Production Integration", "Dev Environment")
- Click Generate or Create
-
Save Your API Key
- Copy the generated API key immediately
- Store it securely (you won't be able to see it again)
- Never commit API keys to version control
Treat your API keys like passwords. Never share them publicly or commit them to version control. Use environment variables to store API keys in your applications.
Step 2: Use Your API Key
Authentication Header Format
All API requests must include your API key in the Authorization header using the Bearer token format:
Authorization: Bearer <YOUR_API_KEY>
Example Usage
curl -H "Authorization: Bearer cpx_beta_ABCDEFGHJKILKEY" \
https://global.api.beta.ciphrix.app/api/v3/upload/evidence
Step 3: Configure Environment Variables
Local Development
Create a .env file in your project root:
CIPHRIX_API_KEY=your_api_key_here
CIPHRIX_API_URL=https://global.api.beta.ciphrix.app
Add .env to your .gitignore:
.env
.env.local
Best Practices
- Never hardcode API keys in your source code
- Use environment variables to store API keys
- Rotate keys regularly for security
- Use different keys for development and production environments
- Revoke unused keys immediately
API Key Management
Rotating Keys
We recommend rotating API keys regularly for security:
- Generate a new API key in System Settings → API Keys
- Update your application with the new key
- Test the new key to ensure it works
- Revoke the old key from System Settings → API Keys
Revoking Keys
To revoke an API key:
- Go to System Settings → API Keys
- Find the key you want to revoke
- Click Revoke or Delete
- Confirm the action
Revoking a key is immediate and cannot be undone. Ensure no active services are using the key before revoking.
Troubleshooting
401 Unauthorized
- Verify your API key is correct and copied completely
- Check that the key hasn't been revoked
- Ensure the Authorization header format is correct:
Authorization: Bearer <YOUR_API_KEY> - Verify there are no extra spaces in the header
400 Bad Request
- Check that all required parameters are provided
- Verify the request format matches the API documentation
- Ensure file paths and parameters are correct
Connection Errors
- Verify you're using the correct API URL (Beta or Production)
- Check your internet connection
- Ensure your firewall isn't blocking the API domain
Next Steps
Now that you have API access configured:
- Upload to Evidence - Upload files to evidence records
- Upload to Test - Upload files to test records
- Review the API Reference for complete documentation
Support
Need help with API setup?
- Email: support@ciphrix.com
- Platform: Access in-app support from System Settings