VaultKey API Documentation

Build secure applications with the VaultKey API. Access passwords, secrets, and security features programmatically.

Base URL

https://api.vaultkey.io/v1

Secure by Default

All API requests require authentication and use TLS 1.3 encryption.

Fast & Reliable

99.99% uptime SLA with global edge network for low latency.

Developer Friendly

RESTful API with comprehensive SDKs for popular languages.

Authentication

VaultKey uses API keys for authentication. Include your API key in the Authorization header of every request.

Request Header

Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Keep your API key secure

Never expose your API key in client-side code or public repositories. Use environment variables in production.

Quick Start

Get started with the VaultKey API in minutes. Here's a simple example to retrieve your passwords.

curl -X GET https://api.vaultkey.io/v1/passwords \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

                            Response
                        

                            {
  "status": "success",
  "data": {
    "passwords": [
      {
        "id": "pwd_1234567890",
        "name": "Google",
        "username": "john@gmail.com",
        "url": "https://google.com",
        "category": "email",
        "strength": "strong",
        "created_at": "2024-01-15T10:30:00Z"
      }
    ],
    "total": 247,
    "page": 1
  }
}
                        

Passwords API

Manage passwords in your vault programmatically.

GET /passwords

Retrieve a list of all passwords in your vault

Query Parameters

category	Filter by category (email, social, finance, etc.)
search	Search by name or username
limit	Number of results (default: 50, max: 100)

POST /passwords

Create a new password entry

Request Body

{
  "name": "Netflix",
  "username": "john@gmail.com",
  "password": "encrypted_password_string",
  "url": "https://netflix.com",
  "category": "entertainment",
  "notes": "Family account"
}

PUT /passwords/{id}

Update an existing password entry

DELETE /passwords/{id}

Delete a password entry

Password Generator API

Generate secure passwords programmatically.

POST /generate

Generate a secure random password

Request Body

{
  "length": 16,
  "uppercase": true,
  "lowercase": true,
  "numbers": true,
  "symbols": true,
  "avoid_ambiguous": false
}

Response

{
  "password": "Xk9#mP2$vL7@nQ4",
  "strength": "very_strong",
  "entropy": 95.2
}

Secure Notes API

Store and manage encrypted secure notes including recovery codes, licenses, and sensitive documents.

GET /secrets

Retrieve all secure notes

Query Parameters

type	Filter by type (note, recovery_code, license, document)
search	Search by title or content
folder_id	Filter by folder ID

POST /secrets

Create a new secure note

Request Body

{
  "title": "AWS Recovery Codes",
  "type": "recovery_code",
  "content": "encrypted_content_string",
  "folder_id": "fld_123456",
  "tags": ["aws", "cloud"]
}

DELETE /secrets/{id}

Permanently delete a secure note

Security Audit API

Analyze your vault's security posture, identify weak passwords, and check for breached credentials.

GET /audit/report

Get a comprehensive security audit report

Response

{
  "security_score": 78,
  "weak_passwords": 5,
  "reused_passwords": 12,
  "old_passwords": 8,
  "breached_passwords": 2,
  "missing_2fa": 15,
  "recommendations": [...]
}

POST /audit/breach-check

Check if a password has been exposed in data breaches

Request Body

{
  "password_hash": "sha1_prefix_of_password"
}

GET /audit/weak-passwords

List all weak or compromised passwords that need attention

Team Management API

Manage team members, groups, and shared vault access.

GET /team/members

List all team members

Response

{
  "members": [
    {
      "id": "usr_123",
      "email": "john@company.com",
      "role": "admin",
      "status": "active",
      "groups": ["Engineering", "DevOps"]
    }
  ],
  "total": 12
}

POST /team/invite

Invite a new team member

Request Body

{
  "email": "newmember@company.com",
  "role": "member",
  "groups": ["grp_engineering"]
}

GET /team/groups

List all team groups

POST /team/share

Share a vault item with team members or groups

Request Body

{
  "item_id": "pwd_123456",
  "share_with": ["usr_456", "grp_engineering"],
  "permissions": "read"
}

Webhooks

Receive real-time notifications when events occur in your vault.

Available Events

password.created

New password added

password.updated

Password modified

password.deleted

Password removed

security.breach_detected

Breach alert triggered

team.member_joined

New team member

item.shared

Item shared with team

POST /webhooks

Register a new webhook endpoint

Request Body

{
  "url": "https://yourapp.com/webhooks/vaultkey",
  "events": ["password.created", "security.breach_detected"],
  "secret": "your_webhook_secret"
}

Webhook Payload Format

{
  "id": "evt_123456789",
  "event": "password.created",
  "timestamp": "2024-01-15T10:30:00Z",
  "data": {
    "password_id": "pwd_987654321",
    "name": "Netflix",
    "category": "entertainment"
  }
}

Error Codes

The API uses standard HTTP status codes to indicate success or failure.

Code	Status	Description
200	OK	Request succeeded
201	Created	Resource created successfully
400	Bad Request	Invalid request parameters
401	Unauthorized	Invalid or missing API key
403	Forbidden	Insufficient permissions
404	Not Found	Resource not found
500	Server Error	Internal server error

SDKs & Libraries

Official client libraries for popular programming languages.

Python SDK

pip install vaultkey

JavaScript SDK

npm install @vaultkey/sdk

Go SDK

go get github.com/vaultkey/go-sdk

Rust SDK

cargo add vaultkey

Rate Limits

Plan	Requests / Minute	Requests / Day
Personal	60	10,000
Professional	300	100,000
Business	1,000	Unlimited