API Setup Guide
This guide walks you through setting up API access to the Ciphrix platform.
Prerequisites
Before you begin:
- Active Ciphrix account
- Access to the Ciphrix platform
- Basic understanding of REST APIs and HTTP requests
Step 1: Generate an API Key
Access API Keys
-
Log in to Ciphrix Platform
- Go to ciphrix.app
- Sign in with your credentials
-
Navigate to System Settings
- Click on System Settings in the navigation menu
- Select API Keys from the settings options
-
Generate New API Key
- Click Generate New API Key or Create API Key
- Give your API key a descriptive name (e.g., "Production Integration", "Dev Environment")
- Click Generate or Create
-
Save Your API Key
- Copy the generated API key immediately
- Store it securely (you won't be able to see it again)
- Never commit API keys to version control
:::warning Security Best Practice Treat your API keys like passwords. Never share them publicly or commit them to version control. Use environment variables to store API keys in your applications. :::
Step 2: Use Your API Key
Authentication Header Format
All API requests must include your API key in the Authorization header using the Bearer token format:
Authorization: Bearer <YOUR_API_KEY>
Example Usage
curl -H "Authorization: Bearer cpx_beta_ABCDEFGHJKILKEY" \
https://global.api.beta.ciphrix.app/api/v3/upload/evidence
Step 3: Configure Environment Variables
Local Development
Create a .env file in your project root:
CIPHRIX_API_KEY=your_api_key_here
CIPHRIX_API_URL=https://global.api.beta.ciphrix.app
Add .env to your .gitignore:
.env
.env.local
Best Practices
- Never hardcode API keys in your source code
- Use environment variables to store API keys
- Rotate keys regularly for security
- Use different keys for development and production environments
- Revoke unused keys immediately
API Key Management
Rotating Keys
We recommend rotating API keys regularly for security:
- Generate a new API key in System Settings → API Keys
- Update your application with the new key
- Test the new key to ensure it works
- Revoke the old key from System Settings → API Keys
Revoking Keys
To revoke an API key:
- Go to System Settings → API Keys
- Find the key you want to revoke
- Click Revoke or Delete
- Confirm the action
Revoking a key is immediate and cannot be undone. Ensure no active services are using the key before revoking.
Troubleshooting
401 Unauthorized
- Verify your API key is correct and copied completely
- Check that the key hasn't been revoked
- Ensure the Authorization header format is correct:
Authorization: Bearer <YOUR_API_KEY> - Verify there are no extra spaces in the header
400 Bad Request
- Check that all required parameters are provided
- Verify the request format matches the API documentation
- Ensure file paths and parameters are correct
Connection Errors
- Verify you're using the correct API URL (Beta or Production)
- Check your internet connection
- Ensure your firewall isn't blocking the API domain
Next Steps
Now that you have API access configured:
- Upload to Evidence - Upload files to evidence records
- Upload to Test - Upload files to test records
- Review the API Reference for complete documentation
Support
Need help with API setup?
- Email: support@ciphrix.com
- Platform: Access in-app support from System Settings