The Data Integrity OmniSeal™ API, built on a REST architecture, is designed for ease of use and predictability. Each API endpoint corresponds to a specific resource or a collection of resources, making the URLs intuitive and easy to understand. For example, register a user uses a URL like:
https://api.purecipher.com/register
The API accepts request bodies in form-encoded format. This means when you need to send data to the server (like creating or updating a resource), you'll encode this data as form fields.
Getting Started Flow
👤
Register
Register as a New User
➔
✉️
Verify OTP
Verify the Received OTP
➔
🔑
Get API Key
Receive the API Key
➔
🚀
Use API
Invoke any Omniseal API
Code Sample
Here's a complete example showing how to register, verify OTP, and use the API to embed an Omniseal
# Step 1: Register a new user
from typing import Dict, Any
from requests import post, Response
import requests
from pathlib import Path
def register_user(email: str, password: str) -> Dict[str, Any]:
"""
Register a new user with the API.
"""
response: Response = post(
"https://api.purecipher.com/register",
json={
"email": email,
"password": password
}
)
return response.json()
def verify_otp(email: str, otp: str) -> Dict[str, Any]:
"""
Verify OTP and get API key.
"""
response: Response = post(
"https://api.purecipher.com/verify",
json={
"email": email,
"otp": otp
}
)
return response.json()
def embed_watermark(api_key: str, cover_image_path: str, secret_image_path: str) -> bytes:
"""
Embed a watermark using the unified API.
"""
with open(cover_image_path, 'rb') as cover_file, \
open(secret_image_path, 'rb') as secret_file:
response = requests.post(
"https://api.purecipher.com/unified/embed",
headers={"api_token": api_key},
files={
"cover_image": ("cover.png", cover_file, "image/png"),
"secret_image": ("secret.png", secret_file, "image/png")
}
)
if response.status_code == 200:
return response.content
else:
raise Exception(f"Error: {response.status_code} - {response.text}")
# Example usage
if __name__ == "__main__":
# 1. Register user
registration = register_user("user@example.com", "secure_password123")
print("Registration response:", registration)
# 2. Verify OTP (you'll receive this in your email)
otp_verification = verify_otp("user@example.com", "123456") # Replace with actual OTP
api_key = otp_verification["api_key"]
print("API Key received:", api_key)
# 3. Use the API to embed watermark
try:
result = embed_watermark(
api_key,
"path/to/cover_image.png",
"path/to/secret_image.png"
)
# Save the result
with open("embedded_image.png", "wb") as f:
f.write(result)
print("Successfully embedded watermark and saved as 'embedded_image.png'")
except Exception as e:
print(f"Error embedding watermark: {e}")
using System;
using System.Net.Http;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
public class OmniSealClient
{
private readonly HttpClient _client;
private const string BaseUrl = "https://api.purecipher.com";
public OmniSealClient()
{
_client = new HttpClient();
}
public async Task RegisterUserAsync(string email, string password)
{
var content = new StringContent(
JsonSerializer.Serialize(new { email, password }),
Encoding.UTF8,
"application/json");
var response = await _client.PostAsync($"{BaseUrl}/register", content);
var jsonResponse = await response.Content.ReadAsStringAsync();
return JsonDocument.Parse(jsonResponse);
}
public async Task VerifyOtpAsync(string email, string otp)
{
var content = new StringContent(
JsonSerializer.Serialize(new { email, otp }),
Encoding.UTF8,
"application/json");
var response = await _client.PostAsync($"{BaseUrl}/verify", content);
var jsonResponse = await response.Content.ReadAsStringAsync();
return JsonDocument.Parse(jsonResponse);
}
public async Task EmbedWatermarkAsync(string apiKey, string coverImagePath, string secretImagePath)
{
using var form = new MultipartFormDataContent();
form.Add(new ByteArrayContent(await File.ReadAllBytesAsync(coverImagePath)), "cover_image", "cover.png");
form.Add(new ByteArrayContent(await File.ReadAllBytesAsync(secretImagePath)), "secret_image", "secret.png");
_client.DefaultRequestHeaders.Add("api_token", apiKey);
var response = await _client.PostAsync($"{BaseUrl}/unified/embed", form);
if (response.IsSuccessStatusCode)
{
return await response.Content.ReadAsByteArrayAsync();
}
throw new Exception($"Error: {response.StatusCode} - {await response.Content.ReadAsStringAsync()}");
}
}
// Example usage
class Program
{
static async Task Main()
{
var client = new OmniSealClient();
try
{
// 1. Register user
var registration = await client.RegisterUserAsync("user@example.com", "secure_password123");
Console.WriteLine($"Registration response: {registration}");
// 2. Verify OTP (you'll receive this in your email)
var otpVerification = await client.VerifyOtpAsync("user@example.com", "123456"); // Replace with actual OTP
var apiKey = otpVerification.RootElement.GetProperty("api_key").GetString();
Console.WriteLine($"API Key received: {apiKey}");
// 3. Use the API to embed watermark
var result = await client.EmbedWatermarkAsync(
apiKey,
"path/to/cover_image.png",
"path/to/secret_image.png"
);
// Save the result
await File.WriteAllBytesAsync("embedded_image.png", result);
Console.WriteLine("Successfully embedded watermark and saved as 'embedded_image.png'");
}
catch (Exception ex)
{
Console.WriteLine($"Error: {ex.Message}");
}
}
}
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import org.json.JSONObject;
public class OmniSealClient {
private static final String BASE_URL = "https://api.purecipher.com";
public JSONObject registerUser(String email, String password) throws IOException {
URL url = new URL(BASE_URL + "/register");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/json");
conn.setDoOutput(true);
JSONObject requestBody = new JSONObject();
requestBody.put("email", email);
requestBody.put("password", password);
try (OutputStream os = conn.getOutputStream()) {
byte[] input = requestBody.toString().getBytes(StandardCharsets.UTF_8);
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8))) {
StringBuilder response = new StringBuilder();
String responseLine;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
return new JSONObject(response.toString());
}
}
public JSONObject verifyOtp(String email, String otp) throws IOException {
URL url = new URL(BASE_URL + "/verify");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/json");
conn.setDoOutput(true);
JSONObject requestBody = new JSONObject();
requestBody.put("email", email);
requestBody.put("otp", otp);
try (OutputStream os = conn.getOutputStream()) {
byte[] input = requestBody.toString().getBytes(StandardCharsets.UTF_8);
os.write(input, 0, input.length);
}
try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8))) {
StringBuilder response = new StringBuilder();
String responseLine;
while ((responseLine = br.readLine()) != null) {
response.append(responseLine.trim());
}
return new JSONObject(response.toString());
}
}
public byte[] embedWatermark(String apiKey, String coverImagePath, String secretImagePath) throws IOException {
URL url = new URL(BASE_URL + "/unified/embed");
String boundary = "Boundary-" + System.currentTimeMillis();
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "multipart/form-data; boundary=" + boundary);
conn.setRequestProperty("api_token", apiKey);
conn.setDoOutput(true);
try (OutputStream os = conn.getOutputStream()) {
// Write cover image
writeMultipartFile(os, "cover_image", "cover.png", Files.readAllBytes(new File(coverImagePath).toPath()), boundary);
// Write secret image
writeMultipartFile(os, "secret_image", "secret.png", Files.readAllBytes(new File(secretImagePath).toPath()), boundary);
// Write closing boundary
os.write(("--" + boundary + "--\r\n").getBytes());
}
if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) {
try (InputStream is = conn.getInputStream()) {
return is.readAllBytes();
}
} else {
throw new IOException("Error: " + conn.getResponseCode() + " - " + conn.getResponseMessage());
}
}
private void writeMultipartFile(OutputStream os, String fieldName, String fileName, byte[] fileData, String boundary) throws IOException {
os.write(("--" + boundary + "\r\n").getBytes());
os.write(("Content-Disposition: form-data; name=\"" + fieldName + "\"; filename=\"" + fileName + "\"\r\n").getBytes());
os.write("Content-Type: image/png\r\n\r\n".getBytes());
os.write(fileData);
os.write("\r\n".getBytes());
}
public static void main(String[] args) {
OmniSealClient client = new OmniSealClient();
try {
// 1. Register user
JSONObject registration = client.registerUser("user@example.com", "secure_password123");
System.out.println("Registration response: " + registration.toString());
// 2. Verify OTP (you'll receive this in your email)
JSONObject otpVerification = client.verifyOtp("user@example.com", "123456"); // Replace with actual OTP
String apiKey = otpVerification.getString("api_key");
System.out.println("API Key received: " + apiKey);
// 3. Use the API to embed watermark
byte[] result = client.embedWatermark(
apiKey,
"path/to/cover_image.png",
"path/to/secret_image.png"
);
// Save the result
Files.write(new File("embedded_image.png").toPath(), result);
System.out.println("Successfully embedded watermark and saved as 'embedded_image.png'");
} catch (Exception e) {
System.err.println("Error: " + e.getMessage());
}
}
}
const axios = require('axios');
const FormData = require('form-data');
const fs = require('fs').promises;
class OmniSealClient {
constructor() {
this.baseUrl = 'https://api.purecipher.com';
}
async registerUser(email, password) {
try {
const response = await axios.post(`${this.baseUrl}/register`, {
email,
password
});
return response.data;
} catch (error) {
throw new Error(`Registration failed: ${error.response?.data?.detail || error.message}`);
}
}
async verifyOtp(email, otp) {
try {
const response = await axios.post(`${this.baseUrl}/verify`, {
email,
otp
});
return response.data;
} catch (error) {
throw new Error(`OTP verification failed: ${error.response?.data?.detail || error.message}`);
}
}
async embedWatermark(apiKey, coverImagePath, secretImagePath) {
try {
const formData = new FormData();
formData.append('cover_image', await fs.readFile(coverImagePath), 'cover.png');
formData.append('secret_image', await fs.readFile(secretImagePath), 'secret.png');
const response = await axios.post(`${this.baseUrl}/unified/embed`, formData, {
headers: {
...formData.getHeaders(),
'api_token': apiKey
},
responseType: 'arraybuffer'
});
return response.data;
} catch (error) {
throw new Error(`Embedding failed: ${error.response?.data?.detail || error.message}`);
}
}
}
// Example usage
async function main() {
const client = new OmniSealClient();
try {
// 1. Register user
const registration = await client.registerUser('user@example.com', 'secure_password123');
console.log('Registration response:', registration);
// 2. Verify OTP (you'll receive this in your email)
const otpVerification = await client.verifyOtp('user@example.com', '123456'); // Replace with actual OTP
const apiKey = otpVerification.api_key;
console.log('API Key received:', apiKey);
// 3. Use the API to embed watermark
const result = await client.embedWatermark(
apiKey,
'path/to/cover_image.png',
'path/to/secret_image.png'
);
// Save the result
await fs.writeFile('embedded_image.png', result);
console.log('Successfully embedded watermark and saved as "embedded_image.png"');
} catch (error) {
console.error('Error:', error.message);
}
}
main();
Security Considerations
Security Best Practices
Use of HTTPS: HTTPS ensures that data transmitted between the client and server is encrypted, providing confidentiality and protecting against interception and eavesdropping. Enforce HTTPS for all API interactions.
Input Validation: Validate all inputs to prevent issues like SQL injection, script injection, and DoS attacks. Ensure correctness and conformity of inputs with expected formats.
Authentication and Authorization: Implement robust authentication mechanisms (e.g., OAuth, API keys) and ensure resources are accessed only by users with correct permissions.
MIME Type Validation: Perform server-side checks to validate MIME types of uploaded files against their content to detect mismatches.
Data Sanitization: Sanitize input data to remove potentially harmful elements before using it in your application.
Error Handling: Customize error messages to avoid exposing details that could be used for cyber attacks.
Encryption of Sensitive Data: Use strong encryption for data at rest and in transit, especially for sensitive information like authentication tokens and personal data.
Logging and Monitoring: Implement logging of access and errors and monitor logs for unusual activity indicating an attack.
Security Headers: Use security headers like Content-Security-Policy and X-Frame-Options to enhance security of API responses.
HTTP Status Codes
The API uses standard HTTP error codes to indicate the success or failure of a request:
Code
Status
Description
200
OK
The request was successful.
201
Created
The request was successful, and a resource was created as a result.
202
Accepted
The request has been received but not yet acted upon.
204
No Content
The request was successful, but there is no content to send in the response.
400
Bad Request
The request was unacceptable, often due to missing a required parameter.
401
Unauthorized
No valid API key provided.
403
Forbidden
The client does not have access rights to the content.
404
Not Found
The requested resource doesn't exist.
405
Method Not Allowed
The request method is not supported for the requested resource.
409
Conflict
There is a conflict with the current state of the target resource.
415
Unsupported Media Type
The payload format is in an unsupported format.
429
Too Many Requests
The user has sent too many requests in a given amount of time ("rate limiting").
500
Internal Server Error
An error occurred on the server.
502
Bad Gateway
The server, while acting as a gateway, received an invalid response from the upstream server.
503
Service Unavailable
The server is overloaded or under maintenance.
504
Gateway Timeout
The server, while acting as a gateway, did not get a timely response from the upstream server.
Test the APIs by embedding and revealing the Data Assets
Drop cover image here or click to uploadSupported formats: PNG, JPG, JPEG
Drop secret image here or click to uploadSupported formats: PNG, JPG, JPEG
Drop cover document here or click to uploadSupported formats: PDF, DOCX, PPTX, XLSX
Drop secret document here or click to uploadSupported formats: PDF, DOCX, PPTX, XLSX