API Documentation

The Data Integrity OmniSeal™ API, built on a REST architecture, is designed for ease of use and predictability. Each API endpoint corresponds to a specific resource or a collection of resources, making the URLs intuitive and easy to understand. For example, register a user uses a URL like:

https://api.purecipher.com/register

The API accepts request bodies in form-encoded format. This means when you need to send data to the server (like creating or updating a resource), you'll encode this data as form fields.

Getting Started Flow

👤

Register

➔

✉️

Verify OTP

Verify the Received OTP

➔

🔑

Get API Key

Receive the API Key

➔

🚀

Use API

Invoke any Omniseal API

Code Sample

Here's a complete example showing how to register, verify OTP, and use the API to embed an Omniseal

# Step 1: Register a new user
from typing import Dict, Any
from requests import post, Response
import requests
from pathlib import Path


def register_user(email: str, password: str) -> Dict[str, Any]:
    """
    Register a new user with the API.
    """
    response: Response = post(
        "https://api.purecipher.com/register",
        json={
            "email": email,
            "password": password
        }
    )
    return response.json()


def verify_otp(email: str, otp: str) -> Dict[str, Any]:
    """
    Verify OTP and get API key.
    """
    response: Response = post(
        "https://api.purecipher.com/verify",
        json={
            "email": email,
            "otp": otp
        }
    )
    return response.json()


def embed_watermark(api_key: str, cover_image_path: str, secret_image_path: str) -> bytes:
    """
    Embed a watermark using the unified API.
    """
    with open(cover_image_path, 'rb') as cover_file, \
         open(secret_image_path, 'rb') as secret_file:
        
        response = requests.post(
            "https://api.purecipher.com/unified/embed",
            headers={"api_token": api_key},
            files={
                "cover_image": ("cover.png", cover_file, "image/png"),
                "secret_image": ("secret.png", secret_file, "image/png")
            }
        )
        
        if response.status_code == 200:
            return response.content
        else:
            raise Exception(f"Error: {response.status_code} - {response.text}")


# Example usage
if __name__ == "__main__":
    # 1. Register user
    registration = register_user("user@example.com", "secure_password123")
    print("Registration response:", registration)
    
    # 2. Verify OTP (you'll receive this in your email)
    otp_verification = verify_otp("user@example.com", "123456")  # Replace with actual OTP
    api_key = otp_verification["api_key"]
    print("API Key received:", api_key)
    
    # 3. Use the API to embed watermark
    try:
        result = embed_watermark(
            api_key,
            "path/to/cover_image.png",
            "path/to/secret_image.png"
        )
        
        # Save the result
        with open("embedded_image.png", "wb") as f:
            f.write(result)
        print("Successfully embedded watermark and saved as 'embedded_image.png'")
        
    except Exception as e:
        print(f"Error embedding watermark: {e}")

using System;
using System.Net.Http;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;

public class OmniSealClient
{
    private readonly HttpClient _client;
    private const string BaseUrl = "https://api.purecipher.com";

    public OmniSealClient()
    {
        _client = new HttpClient();
    }

    public async Task RegisterUserAsync(string email, string password)
    {
        var content = new StringContent(
            JsonSerializer.Serialize(new { email, password }),
            Encoding.UTF8,
            "application/json");

        var response = await _client.PostAsync($"{BaseUrl}/register", content);
        var jsonResponse = await response.Content.ReadAsStringAsync();
        return JsonDocument.Parse(jsonResponse);
    }

    public async Task VerifyOtpAsync(string email, string otp)
    {
        var content = new StringContent(
            JsonSerializer.Serialize(new { email, otp }),
            Encoding.UTF8,
            "application/json");

        var response = await _client.PostAsync($"{BaseUrl}/verify", content);
        var jsonResponse = await response.Content.ReadAsStringAsync();
        return JsonDocument.Parse(jsonResponse);
    }

    public async Task EmbedWatermarkAsync(string apiKey, string coverImagePath, string secretImagePath)
    {
        using var form = new MultipartFormDataContent();
        form.Add(new ByteArrayContent(await File.ReadAllBytesAsync(coverImagePath)), "cover_image", "cover.png");
        form.Add(new ByteArrayContent(await File.ReadAllBytesAsync(secretImagePath)), "secret_image", "secret.png");
        
        _client.DefaultRequestHeaders.Add("api_token", apiKey);
        var response = await _client.PostAsync($"{BaseUrl}/unified/embed", form);
        
        if (response.IsSuccessStatusCode)
        {
            return await response.Content.ReadAsByteArrayAsync();
        }
        
        throw new Exception($"Error: {response.StatusCode} - {await response.Content.ReadAsStringAsync()}");
    }
}

// Example usage
class Program
{
    static async Task Main()
    {
        var client = new OmniSealClient();

        try
        {
            // 1. Register user
            var registration = await client.RegisterUserAsync("user@example.com", "secure_password123");
            Console.WriteLine($"Registration response: {registration}");

            // 2. Verify OTP (you'll receive this in your email)
            var otpVerification = await client.VerifyOtpAsync("user@example.com", "123456"); // Replace with actual OTP
            var apiKey = otpVerification.RootElement.GetProperty("api_key").GetString();
            Console.WriteLine($"API Key received: {apiKey}");

            // 3. Use the API to embed watermark
            var result = await client.EmbedWatermarkAsync(
                apiKey,
                "path/to/cover_image.png",
                "path/to/secret_image.png"
            );

            // Save the result
            await File.WriteAllBytesAsync("embedded_image.png", result);
            Console.WriteLine("Successfully embedded watermark and saved as 'embedded_image.png'");
        }
        catch (Exception ex)
        {
            Console.WriteLine($"Error: {ex.Message}");
        }
    }
}

import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import org.json.JSONObject;

public class OmniSealClient {
    private static final String BASE_URL = "https://api.purecipher.com";

    public JSONObject registerUser(String email, String password) throws IOException {
        URL url = new URL(BASE_URL + "/register");
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setRequestMethod("POST");
        conn.setRequestProperty("Content-Type", "application/json");
        conn.setDoOutput(true);

        JSONObject requestBody = new JSONObject();
        requestBody.put("email", email);
        requestBody.put("password", password);

        try (OutputStream os = conn.getOutputStream()) {
            byte[] input = requestBody.toString().getBytes(StandardCharsets.UTF_8);
            os.write(input, 0, input.length);
        }

        try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8))) {
            StringBuilder response = new StringBuilder();
            String responseLine;
            while ((responseLine = br.readLine()) != null) {
                response.append(responseLine.trim());
            }
            return new JSONObject(response.toString());
        }
    }

    public JSONObject verifyOtp(String email, String otp) throws IOException {
        URL url = new URL(BASE_URL + "/verify");
        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setRequestMethod("POST");
        conn.setRequestProperty("Content-Type", "application/json");
        conn.setDoOutput(true);

        JSONObject requestBody = new JSONObject();
        requestBody.put("email", email);
        requestBody.put("otp", otp);

        try (OutputStream os = conn.getOutputStream()) {
            byte[] input = requestBody.toString().getBytes(StandardCharsets.UTF_8);
            os.write(input, 0, input.length);
        }

        try (BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8))) {
            StringBuilder response = new StringBuilder();
            String responseLine;
            while ((responseLine = br.readLine()) != null) {
                response.append(responseLine.trim());
            }
            return new JSONObject(response.toString());
        }
    }

    public byte[] embedWatermark(String apiKey, String coverImagePath, String secretImagePath) throws IOException {
        URL url = new URL(BASE_URL + "/unified/embed");
        String boundary = "Boundary-" + System.currentTimeMillis();

        HttpURLConnection conn = (HttpURLConnection) url.openConnection();
        conn.setRequestMethod("POST");
        conn.setRequestProperty("Content-Type", "multipart/form-data; boundary=" + boundary);
        conn.setRequestProperty("api_token", apiKey);
        conn.setDoOutput(true);

        try (OutputStream os = conn.getOutputStream()) {
            // Write cover image
            writeMultipartFile(os, "cover_image", "cover.png", Files.readAllBytes(new File(coverImagePath).toPath()), boundary);
            // Write secret image
            writeMultipartFile(os, "secret_image", "secret.png", Files.readAllBytes(new File(secretImagePath).toPath()), boundary);
            // Write closing boundary
            os.write(("--" + boundary + "--\r\n").getBytes());
        }

        if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) {
            try (InputStream is = conn.getInputStream()) {
                return is.readAllBytes();
            }
        } else {
            throw new IOException("Error: " + conn.getResponseCode() + " - " + conn.getResponseMessage());
        }
    }

    private void writeMultipartFile(OutputStream os, String fieldName, String fileName, byte[] fileData, String boundary) throws IOException {
        os.write(("--" + boundary + "\r\n").getBytes());
        os.write(("Content-Disposition: form-data; name=\"" + fieldName + "\"; filename=\"" + fileName + "\"\r\n").getBytes());
        os.write("Content-Type: image/png\r\n\r\n".getBytes());
        os.write(fileData);
        os.write("\r\n".getBytes());
    }

    public static void main(String[] args) {
        OmniSealClient client = new OmniSealClient();

        try {
            // 1. Register user
            JSONObject registration = client.registerUser("user@example.com", "secure_password123");
            System.out.println("Registration response: " + registration.toString());

            // 2. Verify OTP (you'll receive this in your email)
            JSONObject otpVerification = client.verifyOtp("user@example.com", "123456"); // Replace with actual OTP
            String apiKey = otpVerification.getString("api_key");
            System.out.println("API Key received: " + apiKey);

            // 3. Use the API to embed watermark
            byte[] result = client.embedWatermark(
                apiKey,
                "path/to/cover_image.png",
                "path/to/secret_image.png"
            );

            // Save the result
            Files.write(new File("embedded_image.png").toPath(), result);
            System.out.println("Successfully embedded watermark and saved as 'embedded_image.png'");

        } catch (Exception e) {
            System.err.println("Error: " + e.getMessage());
        }
    }
}

const axios = require('axios');
const FormData = require('form-data');
const fs = require('fs').promises;

class OmniSealClient {
    constructor() {
        this.baseUrl = 'https://api.purecipher.com';
    }

    async registerUser(email, password) {
        try {
            const response = await axios.post(`${this.baseUrl}/register`, {
                email,
                password
            });
            return response.data;
        } catch (error) {
            throw new Error(`Registration failed: ${error.response?.data?.detail || error.message}`);
        }
    }

    async verifyOtp(email, otp) {
        try {
            const response = await axios.post(`${this.baseUrl}/verify`, {
                email,
                otp
            });
            return response.data;
        } catch (error) {
            throw new Error(`OTP verification failed: ${error.response?.data?.detail || error.message}`);
        }
    }

    async embedWatermark(apiKey, coverImagePath, secretImagePath) {
        try {
            const formData = new FormData();
            formData.append('cover_image', await fs.readFile(coverImagePath), 'cover.png');
            formData.append('secret_image', await fs.readFile(secretImagePath), 'secret.png');

            const response = await axios.post(`${this.baseUrl}/unified/embed`, formData, {
                headers: {
                    ...formData.getHeaders(),
                    'api_token': apiKey
                },
                responseType: 'arraybuffer'
            });

            return response.data;
        } catch (error) {
            throw new Error(`Embedding failed: ${error.response?.data?.detail || error.message}`);
        }
    }
}

// Example usage
async function main() {
    const client = new OmniSealClient();

    try {
        // 1. Register user
        const registration = await client.registerUser('user@example.com', 'secure_password123');
        console.log('Registration response:', registration);

        // 2. Verify OTP (you'll receive this in your email)
        const otpVerification = await client.verifyOtp('user@example.com', '123456'); // Replace with actual OTP
        const apiKey = otpVerification.api_key;
        console.log('API Key received:', apiKey);

        // 3. Use the API to embed watermark
        const result = await client.embedWatermark(
            apiKey,
            'path/to/cover_image.png',
            'path/to/secret_image.png'
        );

        // Save the result
        await fs.writeFile('embedded_image.png', result);
        console.log('Successfully embedded watermark and saved as "embedded_image.png"');

    } catch (error) {
        console.error('Error:', error.message);
    }
}

main();

Security Considerations

Security Best Practices

Use of HTTPS: HTTPS ensures that data transmitted between the client and server is encrypted, providing confidentiality and protecting against interception and eavesdropping. Enforce HTTPS for all API interactions.
Input Validation: Validate all inputs to prevent issues like SQL injection, script injection, and DoS attacks. Ensure correctness and conformity of inputs with expected formats.
Authentication and Authorization: Implement robust authentication mechanisms (e.g., OAuth, API keys) and ensure resources are accessed only by users with correct permissions.
MIME Type Validation: Perform server-side checks to validate MIME types of uploaded files against their content to detect mismatches.
Data Sanitization: Sanitize input data to remove potentially harmful elements before using it in your application.
Error Handling: Customize error messages to avoid exposing details that could be used for cyber attacks.
Encryption of Sensitive Data: Use strong encryption for data at rest and in transit, especially for sensitive information like authentication tokens and personal data.
Logging and Monitoring: Implement logging of access and errors and monitor logs for unusual activity indicating an attack.
Security Headers: Use security headers like Content-Security-Policy and X-Frame-Options to enhance security of API responses.

HTTP Status Codes

The API uses standard HTTP error codes to indicate the success or failure of a request:

Code	Status	Description
200	OK	The request was successful.
201	Created	The request was successful, and a resource was created as a result.
202	Accepted	The request has been received but not yet acted upon.
204	No Content	The request was successful, but there is no content to send in the response.
400	Bad Request	The request was unacceptable, often due to missing a required parameter.
401	Unauthorized	No valid API key provided.
403	Forbidden	The client does not have access rights to the content.
404	Not Found	The requested resource doesn't exist.
405	Method Not Allowed	The request method is not supported for the requested resource.
409	Conflict	There is a conflict with the current state of the target resource.
415	Unsupported Media Type	The payload format is in an unsupported format.
429	Too Many Requests	The user has sent too many requests in a given amount of time ("rate limiting").
500	Internal Server Error	An error occurred on the server.
502	Bad Gateway	The server, while acting as a gateway, received an invalid response from the upstream server.
503	Service Unavailable	The server is overloaded or under maintenance.
504	Gateway Timeout	The server, while acting as a gateway, did not get a timely response from the upstream server.

Test the APIs by embedding and revealing the Data Assets

Drop cover image here or click to upload Supported formats: PNG, JPG, JPEG

Drop secret image here or click to upload Supported formats: PNG, JPG, JPEG

Data Integrity OmniSeal™ API Documentation (2.0)