{ "generatedAt": "2026-04-20T07:56:38.406Z", "siteUrl": "https://docs.cryptflare.com", "openapiUrl": "https://api.cryptflare.com/v1/openapi.json", "llmsTxtUrl": "https://docs.cryptflare.com/llms.txt", "llmsFullUrl": "https://docs.cryptflare.com/llms-full.txt", "pages": [ { "route": "/api-reference/authentication", "url": "https://docs.cryptflare.com/api-reference/authentication", "markdownUrl": "https://docs.cryptflare.com/api-reference/authentication.md", "section": "api-reference", "title": "Authentication", "description": "Passwordless authentication via email OTP. Session cookies, CSRF protection, and session lifecycle.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/authentication/get-me", "url": "https://docs.cryptflare.com/api-reference/authentication/get-me", "markdownUrl": "https://docs.cryptflare.com/api-reference/authentication/get-me.md", "section": "api-reference", "title": "Get current user", "description": "GET /auth/me - returns the authenticated user with organisations, roles, and resolved permissions.", "endpoint": "GET /v1/auth/me", "permission": null, "tags": [ "auth", "me", "auth-required" ] }, { "route": "/api-reference/authentication/logout", "url": "https://docs.cryptflare.com/api-reference/authentication/logout", "markdownUrl": "https://docs.cryptflare.com/api-reference/authentication/logout.md", "section": "api-reference", "title": "Log out", "description": "POST /auth/logout - destroys the current session and clears the session cookie.", "endpoint": "POST /v1/auth/logout", "permission": null, "tags": [ "auth", "logout", "auth-required" ] }, { "route": "/api-reference/authentication/request-otp", "url": "https://docs.cryptflare.com/api-reference/authentication/request-otp", "markdownUrl": "https://docs.cryptflare.com/api-reference/authentication/request-otp.md", "section": "api-reference", "title": "Request a login OTP", "description": "POST /auth/login - sends a 6-digit OTP to the provided email. Identical response whether the email exists or not.", "endpoint": "POST /v1/auth/login", "permission": null, "tags": [ "auth", "login", "auth-required" ] }, { "route": "/api-reference/authentication/verify-otp", "url": "https://docs.cryptflare.com/api-reference/authentication/verify-otp", "markdownUrl": "https://docs.cryptflare.com/api-reference/authentication/verify-otp.md", "section": "api-reference", "title": "Verify an OTP code", "description": "POST /auth/verify - validates the 6-digit OTP code and issues a session cookie.", "endpoint": "POST /v1/auth/verify", "permission": null, "tags": [ "auth", "verify", "auth-required" ] }, { "route": "/api-reference/backups", "url": "https://docs.cryptflare.com/api-reference/backups", "markdownUrl": "https://docs.cryptflare.com/api-reference/backups.md", "section": "api-reference", "title": "Database Backups", "description": "Manage automated and manual database backups via the console API.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/backups/delete-backup", "url": "https://docs.cryptflare.com/api-reference/backups/delete-backup", "markdownUrl": "https://docs.cryptflare.com/api-reference/backups/delete-backup.md", "section": "api-reference", "title": "Delete backup", "description": "DELETE /console/database/backups/:key - permanently removes a backup snapshot.", "endpoint": "DELETE /v1/console/database/backups/:key", "permission": "console:database:manage", "tags": [ "backups", "delete", "auth-required" ] }, { "route": "/api-reference/backups/download-backup", "url": "https://docs.cryptflare.com/api-reference/backups/download-backup", "markdownUrl": "https://docs.cryptflare.com/api-reference/backups/download-backup.md", "section": "api-reference", "title": "Download backup", "description": "GET /console/database/backups/:key - downloads the raw backup JSON file.", "endpoint": "GET /v1/console/database/backups/:key", "permission": "console:database:read", "tags": [ "backups", "read", "auth-required" ] }, { "route": "/api-reference/backups/list-backups", "url": "https://docs.cryptflare.com/api-reference/backups/list-backups", "markdownUrl": "https://docs.cryptflare.com/api-reference/backups/list-backups.md", "section": "api-reference", "title": "List backups", "description": "GET /console/database/backups - returns every available backup with schedule info.", "endpoint": "GET /v1/console/database/backups", "permission": "console:database:read", "tags": [ "backups", "list", "auth-required" ] }, { "route": "/api-reference/backups/restore-backup", "url": "https://docs.cryptflare.com/api-reference/backups/restore-backup", "markdownUrl": "https://docs.cryptflare.com/api-reference/backups/restore-backup.md", "section": "api-reference", "title": "Restore from backup", "description": "POST /console/database/backups/restore - restores tables from a backup snapshot. Supports full, per-table, and per-org restore modes.", "endpoint": "POST /v1/console/database/backups/restore", "permission": "console:database:manage", "tags": [ "backups", "restore", "auth-required" ] }, { "route": "/api-reference/backups/trigger-backup", "url": "https://docs.cryptflare.com/api-reference/backups/trigger-backup", "markdownUrl": "https://docs.cryptflare.com/api-reference/backups/trigger-backup.md", "section": "api-reference", "title": "Trigger manual backup", "description": "POST /console/database/backups - creates an immediate backup of both databases.", "endpoint": "POST /v1/console/database/backups", "permission": "console:database:manage", "tags": [ "backups", "create", "auth-required" ] }, { "route": "/api-reference/compliance", "url": "https://docs.cryptflare.com/api-reference/compliance", "markdownUrl": "https://docs.cryptflare.com/api-reference/compliance.md", "section": "api-reference", "title": "Compliance Reports", "description": "Generate audit-ready compliance reports for SOC 2, PCI DSS, HIPAA, ISO 27001, GDPR, and NIST 800-53.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/compliance/download-report", "url": "https://docs.cryptflare.com/api-reference/compliance/download-report", "markdownUrl": "https://docs.cryptflare.com/api-reference/compliance/download-report.md", "section": "api-reference", "title": "Download report", "description": "GET /compliance/report/:jobId/download - download the generated compliance report.", "endpoint": "GET /v1/organisations/:org/compliance/report/:jobId/download", "permission": "audit:export", "tags": [ "report", "download", "auth-required", "async" ] }, { "route": "/api-reference/compliance/generate-report", "url": "https://docs.cryptflare.com/api-reference/compliance/generate-report", "markdownUrl": "https://docs.cryptflare.com/api-reference/compliance/generate-report.md", "section": "api-reference", "title": "Generate a compliance report", "description": "POST /compliance/report - queue generation of an audit-ready compliance report.", "endpoint": "POST /v1/organisations/:org/compliance/report", "permission": "audit:export", "tags": [ "report", "create", "auth-required", "async" ] }, { "route": "/api-reference/compliance/report-status", "url": "https://docs.cryptflare.com/api-reference/compliance/report-status", "markdownUrl": "https://docs.cryptflare.com/api-reference/compliance/report-status.md", "section": "api-reference", "title": "Get report status", "description": "GET /compliance/report/:jobId - poll for the status of a compliance report.", "endpoint": "GET /v1/organisations/:org/compliance/report/:jobId", "permission": "audit:export", "tags": [ "report", "read", "auth-required", "async" ] }, { "route": "/api-reference/data-residency", "url": "https://docs.cryptflare.com/api-reference/data-residency", "markdownUrl": "https://docs.cryptflare.com/api-reference/data-residency.md", "section": "api-reference", "title": "Data Residency", "description": "Set and manage data residency regions for your organisation via the API.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/data-residency/get-status", "url": "https://docs.cryptflare.com/api-reference/data-residency/get-status", "markdownUrl": "https://docs.cryptflare.com/api-reference/data-residency/get-status.md", "section": "api-reference", "title": "Get data region status", "description": "GET /data-region/status - returns the current region and active migration progress.", "endpoint": "GET /v1/organisations/:org/data-region/status", "permission": "org:read", "tags": [ "data-region", "status", "auth-required" ] }, { "route": "/api-reference/data-residency/set-region", "url": "https://docs.cryptflare.com/api-reference/data-residency/set-region", "markdownUrl": "https://docs.cryptflare.com/api-reference/data-residency/set-region.md", "section": "api-reference", "title": "Set data residency region", "description": "POST /data-region - sets the geographic region where organisation data is stored. Starts a migration if data already exists.", "endpoint": "POST /v1/organisations/:org/data-region", "permission": "org:update", "tags": [ "data-region", "create", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets.md", "section": "api-reference", "title": "Dynamic Secrets", "description": "Mint short-lived credentials on demand from upstream cloud providers with strict TTL and quota enforcement.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/dynamic-secrets/create-config", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/create-config", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/create-config.md", "section": "api-reference", "title": "Create a dynamic secret config", "description": "POST /dynamic-secrets/configs - register a new upstream provider integration and store encrypted root credentials.", "endpoint": "POST /v1/organisations/:org/dynamic-secrets/configs", "permission": "dynamic_secrets:manage", "tags": [ "configs", "create", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/delete-config", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/delete-config", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/delete-config.md", "section": "api-reference", "title": "Delete a dynamic secret config", "description": "DELETE /dynamic-secrets/configs/:configId - drain active leases at the provider, then hard-delete the configuration.", "endpoint": "DELETE /v1/organisations/:org/dynamic-secrets/configs/:configId", "permission": "dynamic_secrets:manage", "tags": [ "configs", "delete", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/force-revoke-lease", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/force-revoke-lease", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/force-revoke-lease.md", "section": "api-reference", "title": "Force-revoke an irrevocable lease", "description": "POST /dynamic-secrets/leases/:leaseId/force-revoke - operator escape hatch for leases stuck in irrevocable state.", "endpoint": "POST /v1/organisations/:org/dynamic-secrets/leases/:leaseId/force-revoke", "permission": "dynamic_secrets:manage", "tags": [ "leases", "force-revoke", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/get-config", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/get-config", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/get-config.md", "section": "api-reference", "title": "Get a dynamic secret config", "description": "GET /dynamic-secrets/configs/:configId - fetch a single configuration without root credentials.", "endpoint": "GET /v1/organisations/:org/dynamic-secrets/configs/:configId", "permission": "dynamic_secrets:read", "tags": [ "configs", "read", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/issue-lease", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/issue-lease", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/issue-lease.md", "section": "api-reference", "title": "Issue a dynamic secret lease", "description": "POST /dynamic-secrets/configs/:configId/lease - mint a fresh short-lived credential at the upstream provider.", "endpoint": "POST /v1/organisations/:org/dynamic-secrets/configs/:configId/lease", "permission": "dynamic_secrets:issue", "tags": [ "lease", "create", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/list-configs", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/list-configs", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/list-configs.md", "section": "api-reference", "title": "List dynamic secret configs", "description": "GET /dynamic-secrets/configs - returns all dynamic secret configurations for the organisation, without root credentials.", "endpoint": "GET /v1/organisations/:org/dynamic-secrets/configs", "permission": "dynamic_secrets:read", "tags": [ "configs", "list", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/list-leases", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/list-leases", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/list-leases.md", "section": "api-reference", "title": "List dynamic secret leases", "description": "GET /dynamic-secrets/leases - returns lease history for the organisation with optional filters.", "endpoint": "GET /v1/organisations/:org/dynamic-secrets/leases", "permission": "dynamic_secrets:read", "tags": [ "leases", "list", "auth-required", "paginated" ] }, { "route": "/api-reference/dynamic-secrets/renew-lease", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/renew-lease", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/renew-lease.md", "section": "api-reference", "title": "Renew a dynamic secret lease", "description": "POST /dynamic-secrets/leases/:leaseId/renew - Vault-style lease renewal bounded by max_expires_at.", "endpoint": "POST /v1/organisations/:org/dynamic-secrets/leases/:leaseId/renew", "permission": "dynamic_secrets:issue", "tags": [ "leases", "renew", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/revoke-lease", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/revoke-lease", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/revoke-lease.md", "section": "api-reference", "title": "Revoke a dynamic secret lease", "description": "DELETE /dynamic-secrets/leases/:leaseId - manually revoke an active lease at the upstream provider.", "endpoint": "DELETE /v1/organisations/:org/dynamic-secrets/leases/:leaseId", "permission": "dynamic_secrets:issue", "tags": [ "leases", "delete", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/unwrap-credentials", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/unwrap-credentials", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/unwrap-credentials.md", "section": "api-reference", "title": "Unwrap a credential token", "description": "POST /dynamic-secrets/unwrap/:token - exchange a single-use wrap token for the underlying credentials.", "endpoint": "POST /v1/organisations/:org/dynamic-secrets/unwrap/:token", "permission": "dynamic_secrets:issue", "tags": [ "dynamic-secrets", "unwrap", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/update-config", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/update-config", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/update-config.md", "section": "api-reference", "title": "Update a dynamic secret config", "description": "PATCH /dynamic-secrets/configs/:configId - update editable fields on an existing configuration.", "endpoint": "PATCH /v1/organisations/:org/dynamic-secrets/configs/:configId", "permission": "dynamic_secrets:manage", "tags": [ "configs", "update", "auth-required" ] }, { "route": "/api-reference/dynamic-secrets/validate-config", "url": "https://docs.cryptflare.com/api-reference/dynamic-secrets/validate-config", "markdownUrl": "https://docs.cryptflare.com/api-reference/dynamic-secrets/validate-config.md", "section": "api-reference", "title": "Re-run provider permission check", "description": "POST /dynamic-secrets/configs/:configId/validate - re-run the provider adapter's validate() hook against the stored root credentials and return pass/fail without modifying state.", "endpoint": "POST /v1/organisations/:org/dynamic-secrets/configs/:configId/validate", "permission": "dynamic_secrets:manage", "tags": [ "configs", "validate", "auth-required" ] }, { "route": "/api-reference/environments", "url": "https://docs.cryptflare.com/api-reference/environments", "markdownUrl": "https://docs.cryptflare.com/api-reference/environments.md", "section": "api-reference", "title": "Environments", "description": "Isolated secret containers within a workspace. Create, list, and delete environments.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/environments/create-environment", "url": "https://docs.cryptflare.com/api-reference/environments/create-environment", "markdownUrl": "https://docs.cryptflare.com/api-reference/environments/create-environment.md", "section": "api-reference", "title": "Create an environment", "description": "POST /environments - creates a new environment inside a workspace.", "endpoint": "POST /v1/organisations/:org/workspaces/:ws/environments", "permission": "environments:create", "tags": [ "environments", "create", "auth-required" ] }, { "route": "/api-reference/environments/delete-environment", "url": "https://docs.cryptflare.com/api-reference/environments/delete-environment", "markdownUrl": "https://docs.cryptflare.com/api-reference/environments/delete-environment.md", "section": "api-reference", "title": "Delete an environment", "description": "DELETE /environments/:env - permanently deletes an environment and all its secrets, pods, and version history.", "endpoint": "DELETE /v1/organisations/:org/workspaces/:ws/environments/:env", "permission": "environments:delete", "tags": [ "environments", "delete", "auth-required" ] }, { "route": "/api-reference/environments/list-environments", "url": "https://docs.cryptflare.com/api-reference/environments/list-environments", "markdownUrl": "https://docs.cryptflare.com/api-reference/environments/list-environments.md", "section": "api-reference", "title": "List environments", "description": "GET /environments - returns all environments inside a workspace.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments", "permission": "environments:read", "tags": [ "environments", "list", "auth-required" ] }, { "route": "/api-reference/environments/resolve-path", "url": "https://docs.cryptflare.com/api-reference/environments/resolve-path", "markdownUrl": "https://docs.cryptflare.com/api-reference/environments/resolve-path.md", "section": "api-reference", "title": "Resolve a path", "description": "GET /environments/:env/resolve-path - resolves a slash-joined URL tail to an env, pod, or secret.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/resolve-path", "permission": "secrets:list", "tags": [ "environments", "resolve-path", "auth-required" ] }, { "route": "/api-reference/errors", "url": "https://docs.cryptflare.com/api-reference/errors", "markdownUrl": "https://docs.cryptflare.com/api-reference/errors.md", "section": "api-reference", "title": "Errors", "description": "Error response format, codes, and handling best practices", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/event-subscriptions", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions.md", "section": "api-reference", "title": "Event Subscriptions", "description": "Subscribe to audit events and receive real-time HTTP notifications with HMAC-SHA256 signed payloads.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/event-subscriptions/create-subscription", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/create-subscription", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/create-subscription.md", "section": "api-reference", "title": "Create an event subscription", "description": "POST /events/subscriptions - creates a new webhook subscription with HMAC signing.", "endpoint": "POST /v1/organisations/:org/events/subscriptions", "permission": "events:manage", "tags": [ "subscriptions", "create", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/delete-subscription", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/delete-subscription", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/delete-subscription.md", "section": "api-reference", "title": "Delete an event subscription", "description": "DELETE /events/subscriptions/:subscriptionId - permanently deletes a subscription and its delivery logs.", "endpoint": "DELETE /v1/organisations/:org/events/subscriptions/:subscriptionId", "permission": "events:manage", "tags": [ "subscriptions", "delete", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/get-status", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/get-status", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/get-status.md", "section": "api-reference", "title": "Get events status", "description": "GET /events/status - returns whether event subscriptions are enabled for this organisation.", "endpoint": "GET /v1/organisations/:org/events/status", "permission": "events:read", "tags": [ "events", "status", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/list-deliveries", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/list-deliveries", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/list-deliveries.md", "section": "api-reference", "title": "List delivery log", "description": "GET /events/deliveries - returns recent delivery attempts across every subscription.", "endpoint": "GET /v1/organisations/:org/events/deliveries", "permission": "events:read", "tags": [ "deliveries", "list", "auth-required", "paginated" ] }, { "route": "/api-reference/event-subscriptions/list-subscriptions", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/list-subscriptions", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/list-subscriptions.md", "section": "api-reference", "title": "List event subscriptions", "description": "GET /events/subscriptions - returns every event subscription in the organisation.", "endpoint": "GET /v1/organisations/:org/events/subscriptions", "permission": "events:read", "tags": [ "subscriptions", "list", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/redeliver", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/redeliver", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/redeliver.md", "section": "api-reference", "title": "Redeliver a failed event", "description": "POST /events/deliveries/:deliveryId/redeliver - retries a single failed delivery.", "endpoint": "POST /v1/organisations/:org/events/deliveries/:deliveryId/redeliver", "permission": "events:manage", "tags": [ "deliveries", "redeliver", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/replay", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/replay", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/replay.md", "section": "api-reference", "title": "Replay events", "description": "POST /events/subscriptions/:subscriptionId/replay - re-sends audit events from a time range to a subscription.", "endpoint": "POST /v1/organisations/:org/events/subscriptions/:subscriptionId/replay", "permission": "events:manage", "tags": [ "subscriptions", "replay", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/rotate-secret", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/rotate-secret", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/rotate-secret.md", "section": "api-reference", "title": "Rotate signing secret", "description": "POST /events/subscriptions/:subscriptionId/rotate-secret - rotates the HMAC signing secret with a 24h grace period.", "endpoint": "POST /v1/organisations/:org/events/subscriptions/:subscriptionId/rotate-secret", "permission": "events:manage", "tags": [ "subscriptions", "rotate-secret", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/test-subscription", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/test-subscription", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/test-subscription.md", "section": "api-reference", "title": "Send a test event", "description": "POST /events/subscriptions/:subscriptionId/test - sends a test.ping event to verify connectivity and HMAC signing.", "endpoint": "POST /v1/organisations/:org/events/subscriptions/:subscriptionId/test", "permission": "events:manage", "tags": [ "subscriptions", "test", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/toggle-events", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/toggle-events", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/toggle-events.md", "section": "api-reference", "title": "Toggle events", "description": "POST /events/toggle - enables or disables event subscriptions org-wide. Owner only.", "endpoint": "POST /v1/organisations/:org/events/toggle", "permission": "events:manage", "tags": [ "events", "toggle", "auth-required" ] }, { "route": "/api-reference/event-subscriptions/update-subscription", "url": "https://docs.cryptflare.com/api-reference/event-subscriptions/update-subscription", "markdownUrl": "https://docs.cryptflare.com/api-reference/event-subscriptions/update-subscription.md", "section": "api-reference", "title": "Update an event subscription", "description": "PATCH /events/subscriptions/:subscriptionId - update name, URL, events, secret, headers, or active state.", "endpoint": "PATCH /v1/organisations/:org/events/subscriptions/:subscriptionId", "permission": "events:manage", "tags": [ "subscriptions", "update", "auth-required" ] }, { "route": "/api-reference/feedback", "url": "https://docs.cryptflare.com/api-reference/feedback", "markdownUrl": "https://docs.cryptflare.com/api-reference/feedback.md", "section": "api-reference", "title": "Feedback", "description": "Submit and retrieve documentation page feedback.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/feedback/get-feedback", "url": "https://docs.cryptflare.com/api-reference/feedback/get-feedback", "markdownUrl": "https://docs.cryptflare.com/api-reference/feedback/get-feedback.md", "section": "api-reference", "title": "Get feedback", "description": "GET /feedback - returns the authenticated user's feedback for a specific documentation page.", "endpoint": "GET /v1/feedback", "permission": "session", "tags": [ "feedback", "list", "auth-required" ] }, { "route": "/api-reference/feedback/submit-feedback", "url": "https://docs.cryptflare.com/api-reference/feedback/submit-feedback", "markdownUrl": "https://docs.cryptflare.com/api-reference/feedback/submit-feedback.md", "section": "api-reference", "title": "Submit feedback", "description": "POST /feedback - submits a rating for a documentation page. Anonymous feedback is accepted.", "endpoint": "POST /v1/feedback", "permission": null, "tags": [ "feedback", "create", "auth-required" ] }, { "route": "/api-reference/idempotency", "url": "https://docs.cryptflare.com/api-reference/idempotency", "markdownUrl": "https://docs.cryptflare.com/api-reference/idempotency.md", "section": "api-reference", "title": "Idempotency", "description": "Safely retry mutations with the Idempotency-Key header", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/notifications", "url": "https://docs.cryptflare.com/api-reference/notifications", "markdownUrl": "https://docs.cryptflare.com/api-reference/notifications.md", "section": "api-reference", "title": "Notifications", "description": "In-app notification management for organisation members.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/notifications/list-notifications", "url": "https://docs.cryptflare.com/api-reference/notifications/list-notifications", "markdownUrl": "https://docs.cryptflare.com/api-reference/notifications/list-notifications.md", "section": "api-reference", "title": "List notifications", "description": "GET /notifications - returns paginated in-app notifications for the authenticated user.", "endpoint": "GET /v1/organisations/:org/notifications", "permission": "session", "tags": [ "notifications", "list", "auth-required", "paginated" ] }, { "route": "/api-reference/notifications/mark-all-read", "url": "https://docs.cryptflare.com/api-reference/notifications/mark-all-read", "markdownUrl": "https://docs.cryptflare.com/api-reference/notifications/mark-all-read.md", "section": "api-reference", "title": "Mark all as read", "description": "POST /notifications/mark-all-read - marks every unread notification as read in one call.", "endpoint": "POST /v1/organisations/:org/notifications/mark-all-read", "permission": "session", "tags": [ "notifications", "mark-all-read", "auth-required" ] }, { "route": "/api-reference/notifications/mark-read", "url": "https://docs.cryptflare.com/api-reference/notifications/mark-read", "markdownUrl": "https://docs.cryptflare.com/api-reference/notifications/mark-read.md", "section": "api-reference", "title": "Mark as read", "description": "PATCH /notifications/:id/read - marks a single notification as read.", "endpoint": "PATCH /v1/organisations/:org/notifications/:id/read", "permission": "session", "tags": [ "notifications", "read", "auth-required" ] }, { "route": "/api-reference/organisations", "url": "https://docs.cryptflare.com/api-reference/organisations", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations.md", "section": "api-reference", "title": "Organisations", "description": "Manage organisations, members, and ownership transfers.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/organisations/cancel-transfer", "url": "https://docs.cryptflare.com/api-reference/organisations/cancel-transfer", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/cancel-transfer.md", "section": "api-reference", "title": "Cancel pending transfer", "description": "POST /organisations/:org/transfer/cancel - cancels a pending ownership transfer.", "endpoint": "POST /v1/organisations/:org/transfer/cancel", "permission": "org:transfer", "tags": [ "transfer", "cancel", "auth-required" ] }, { "route": "/api-reference/organisations/create-organisation", "url": "https://docs.cryptflare.com/api-reference/organisations/create-organisation", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/create-organisation.md", "section": "api-reference", "title": "Create an organisation", "description": "POST /organisations - creates a new organisation and assigns the caller as owner.", "endpoint": "POST /v1/organisations", "permission": "session", "tags": [ "organisations", "create", "auth-required" ] }, { "route": "/api-reference/organisations/delete-organisation", "url": "https://docs.cryptflare.com/api-reference/organisations/delete-organisation", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/delete-organisation.md", "section": "api-reference", "title": "Delete an organisation", "description": "DELETE /organisations/:org - permanently deletes the organisation and every resource it owns.", "endpoint": "DELETE /v1/organisations/:org", "permission": "org:delete", "tags": [ "organisations", "delete", "auth-required" ] }, { "route": "/api-reference/organisations/get-features", "url": "https://docs.cryptflare.com/api-reference/organisations/get-features", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/get-features.md", "section": "api-reference", "title": "Get organisation features", "description": "GET /organisations/:org/features - returns the org-wide enabled/disabled state of every toggleable feature.", "endpoint": "GET /v1/organisations/:org/features", "permission": "org:read", "tags": [ "organisations", "features", "auth-required" ] }, { "route": "/api-reference/organisations/get-organisation", "url": "https://docs.cryptflare.com/api-reference/organisations/get-organisation", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/get-organisation.md", "section": "api-reference", "title": "Get an organisation", "description": "GET /organisations/:org - returns full details for a single organisation.", "endpoint": "GET /v1/organisations/:org", "permission": "org:read", "tags": [ "organisations", "read", "auth-required" ] }, { "route": "/api-reference/organisations/get-transfer", "url": "https://docs.cryptflare.com/api-reference/organisations/get-transfer", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/get-transfer.md", "section": "api-reference", "title": "Get transfer status", "description": "GET /organisations/:org/transfer - returns the pending ownership transfer for the organisation, if any.", "endpoint": "GET /v1/organisations/:org/transfer", "permission": "org:read", "tags": [ "transfer", "list", "auth-required" ] }, { "route": "/api-reference/organisations/get-tree", "url": "https://docs.cryptflare.com/api-reference/organisations/get-tree", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/get-tree.md", "section": "api-reference", "title": "Get the organisation tree", "description": "GET /organisations/:org/tree - returns the full workspace / environment / pod hierarchy with secret counts.", "endpoint": "GET /v1/organisations/:org/tree", "permission": "org:read", "tags": [ "organisations", "tree", "auth-required" ] }, { "route": "/api-reference/organisations/initiate-transfer", "url": "https://docs.cryptflare.com/api-reference/organisations/initiate-transfer", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/initiate-transfer.md", "section": "api-reference", "title": "Initiate ownership transfer", "description": "POST /organisations/:org/transfer - initiates an ownership transfer to another user by email.", "endpoint": "POST /v1/organisations/:org/transfer", "permission": "org:transfer", "tags": [ "transfer", "create", "auth-required" ] }, { "route": "/api-reference/organisations/invite-member", "url": "https://docs.cryptflare.com/api-reference/organisations/invite-member", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/invite-member.md", "section": "api-reference", "title": "Invite a member", "description": "POST /organisations/:org/members/invite - invites a user to the organisation by email.", "endpoint": "POST /v1/organisations/:org/members/invite", "permission": "members:invite", "tags": [ "members", "invite", "auth-required" ] }, { "route": "/api-reference/organisations/list-members", "url": "https://docs.cryptflare.com/api-reference/organisations/list-members", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/list-members.md", "section": "api-reference", "title": "List members", "description": "GET /organisations/:org/members - returns every member of the organisation with their role.", "endpoint": "GET /v1/organisations/:org/members", "permission": "members:read", "tags": [ "members", "list", "auth-required" ] }, { "route": "/api-reference/organisations/list-organisations", "url": "https://docs.cryptflare.com/api-reference/organisations/list-organisations", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/list-organisations.md", "section": "api-reference", "title": "List your organisations", "description": "GET /organisations - returns every organisation the authenticated user belongs to along with the caller's role in each.", "endpoint": "GET /v1/organisations", "permission": "session", "tags": [ "organisations", "list", "auth-required" ] }, { "route": "/api-reference/organisations/remove-member", "url": "https://docs.cryptflare.com/api-reference/organisations/remove-member", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/remove-member.md", "section": "api-reference", "title": "Remove a member", "description": "DELETE /organisations/:org/members/:userId - removes a member from the organisation.", "endpoint": "DELETE /v1/organisations/:org/members/:userId", "permission": "members:remove", "tags": [ "members", "delete", "auth-required" ] }, { "route": "/api-reference/organisations/toggle-feature", "url": "https://docs.cryptflare.com/api-reference/organisations/toggle-feature", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/toggle-feature.md", "section": "api-reference", "title": "Toggle an organisation feature", "description": "POST /organisations/:org/features - enable or disable a feature flag for the organisation. Owner-only.", "endpoint": "POST /v1/organisations/:org/features", "permission": "org:owner", "tags": [ "organisations", "features", "auth-required" ] }, { "route": "/api-reference/organisations/update-member-role", "url": "https://docs.cryptflare.com/api-reference/organisations/update-member-role", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/update-member-role.md", "section": "api-reference", "title": "Change member role", "description": "PATCH /organisations/:org/members/:userId/role - changes a member's role in the organisation.", "endpoint": "PATCH /v1/organisations/:org/members/:userId/role", "permission": "members:role_assign", "tags": [ "role", "update", "auth-required" ] }, { "route": "/api-reference/organisations/update-organisation", "url": "https://docs.cryptflare.com/api-reference/organisations/update-organisation", "markdownUrl": "https://docs.cryptflare.com/api-reference/organisations/update-organisation.md", "section": "api-reference", "title": "Update an organisation", "description": "PATCH /organisations/:org - update the organisation name. Owner only.", "endpoint": "PATCH /v1/organisations/:org", "permission": "org:update", "tags": [ "organisations", "update", "auth-required" ] }, { "route": "/api-reference/pagination", "url": "https://docs.cryptflare.com/api-reference/pagination", "markdownUrl": "https://docs.cryptflare.com/api-reference/pagination.md", "section": "api-reference", "title": "Pagination", "description": "How to paginate through list endpoints", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/pods", "url": "https://docs.cryptflare.com/api-reference/pods", "markdownUrl": "https://docs.cryptflare.com/api-reference/pods.md", "section": "api-reference", "title": "Pods", "description": "Hierarchical folders for organising secrets inside an environment. Up to 5 levels deep.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/pods/create-pod", "url": "https://docs.cryptflare.com/api-reference/pods/create-pod", "markdownUrl": "https://docs.cryptflare.com/api-reference/pods/create-pod.md", "section": "api-reference", "title": "Create a pod", "description": "POST /pods - creates a new pod, optionally nested under a parent pod.", "endpoint": "POST /v1/organisations/:org/workspaces/:ws/environments/:env/pods", "permission": "secrets:write", "tags": [ "pods", "create", "auth-required" ] }, { "route": "/api-reference/pods/delete-pod", "url": "https://docs.cryptflare.com/api-reference/pods/delete-pod", "markdownUrl": "https://docs.cryptflare.com/api-reference/pods/delete-pod.md", "section": "api-reference", "title": "Delete a pod", "description": "DELETE /pods/:pod - deletes an empty pod. The pod must contain no secrets or sub-pods.", "endpoint": "DELETE /v1/organisations/:org/workspaces/:ws/environments/:env/pods/:pod", "permission": "secrets:delete", "tags": [ "pods", "delete", "auth-required" ] }, { "route": "/api-reference/pods/get-pod", "url": "https://docs.cryptflare.com/api-reference/pods/get-pod", "markdownUrl": "https://docs.cryptflare.com/api-reference/pods/get-pod.md", "section": "api-reference", "title": "Get a pod", "description": "GET /pods/:pod - returns pod details including the ancestor breadcrumb chain.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/pods/:pod", "permission": "secrets:list", "tags": [ "pods", "read", "auth-required" ] }, { "route": "/api-reference/pods/list-pods", "url": "https://docs.cryptflare.com/api-reference/pods/list-pods", "markdownUrl": "https://docs.cryptflare.com/api-reference/pods/list-pods.md", "section": "api-reference", "title": "List pods", "description": "GET /pods - lists pods at a given level within an environment.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/pods", "permission": "secrets:list", "tags": [ "pods", "list", "auth-required" ] }, { "route": "/api-reference/pods/update-pod", "url": "https://docs.cryptflare.com/api-reference/pods/update-pod", "markdownUrl": "https://docs.cryptflare.com/api-reference/pods/update-pod.md", "section": "api-reference", "title": "Update a pod", "description": "PATCH /pods/:pod - update a pod's name, slug, or description.", "endpoint": "PATCH /v1/organisations/:org/workspaces/:ws/environments/:env/pods/:pod", "permission": "secrets:write", "tags": [ "pods", "update", "auth-required" ] }, { "route": "/api-reference/policies", "url": "https://docs.cryptflare.com/api-reference/policies", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies.md", "section": "api-reference", "title": "Policies", "description": "Attribute-based access policies and just-in-time access requests. Deny-first, priority-ordered, fully auditable.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/policies/approve-access-request", "url": "https://docs.cryptflare.com/api-reference/policies/approve-access-request", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/approve-access-request.md", "section": "api-reference", "title": "Approve an access request", "description": "POST /policies/access-requests/:id/approve - approves a pending request and creates a time-limited grant.", "endpoint": "POST /v1/organisations/:org/policies/access-requests/:id/approve", "permission": "approvals:approve", "tags": [ "access-requests", "approve", "auth-required" ] }, { "route": "/api-reference/policies/create-access-request", "url": "https://docs.cryptflare.com/api-reference/policies/create-access-request", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/create-access-request.md", "section": "api-reference", "title": "Create an access request", "description": "POST /policies/access-requests - submits a JIT access request for elevated permissions.", "endpoint": "POST /v1/organisations/:org/policies/access-requests", "permission": "session", "tags": [ "access-requests", "create", "auth-required" ] }, { "route": "/api-reference/policies/create-policy", "url": "https://docs.cryptflare.com/api-reference/policies/create-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/create-policy.md", "section": "api-reference", "title": "Create a policy", "description": "POST /policies - creates a new global or team-scoped access policy.", "endpoint": "POST /v1/organisations/:org/policies", "permission": "org:update", "tags": [ "policies", "create", "auth-required" ] }, { "route": "/api-reference/policies/delete-policy", "url": "https://docs.cryptflare.com/api-reference/policies/delete-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/delete-policy.md", "section": "api-reference", "title": "Delete a policy", "description": "DELETE /policies/:id - permanently deletes a policy. Active JIT access grants are unaffected.", "endpoint": "DELETE /v1/organisations/:org/policies/:id", "permission": "org:update", "tags": [ "policies", "delete", "auth-required" ] }, { "route": "/api-reference/policies/deny-access-request", "url": "https://docs.cryptflare.com/api-reference/policies/deny-access-request", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/deny-access-request.md", "section": "api-reference", "title": "Deny an access request", "description": "POST /policies/access-requests/:id/deny - denies a pending access request. No grant is created.", "endpoint": "POST /v1/organisations/:org/policies/access-requests/:id/deny", "permission": "approvals:deny", "tags": [ "access-requests", "deny", "auth-required" ] }, { "route": "/api-reference/policies/export-policies", "url": "https://docs.cryptflare.com/api-reference/policies/export-policies", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/export-policies.md", "section": "api-reference", "title": "Export policies", "description": "GET /policies/export - exports all policies as a JSON document for backup or migration.", "endpoint": "GET /v1/organisations/:org/policies/export", "permission": "org:read", "tags": [ "policies", "export", "auth-required" ] }, { "route": "/api-reference/policies/import-policies", "url": "https://docs.cryptflare.com/api-reference/policies/import-policies", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/import-policies.md", "section": "api-reference", "title": "Import policies", "description": "POST /policies/import - imports policies from an export document. Non-destructive.", "endpoint": "POST /v1/organisations/:org/policies/import", "permission": "org:update", "tags": [ "policies", "import", "auth-required" ] }, { "route": "/api-reference/policies/list-access-grants", "url": "https://docs.cryptflare.com/api-reference/policies/list-access-grants", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/list-access-grants.md", "section": "api-reference", "title": "List access grants", "description": "GET /policies/access-grants - returns every active JIT access grant. Expired grants are excluded.", "endpoint": "GET /v1/organisations/:org/policies/access-grants", "permission": "approvals:read", "tags": [ "access-grants", "list", "auth-required", "paginated" ] }, { "route": "/api-reference/policies/list-access-requests", "url": "https://docs.cryptflare.com/api-reference/policies/list-access-requests", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/list-access-requests.md", "section": "api-reference", "title": "List access requests", "description": "GET /policies/access-requests - lists pending and resolved JIT access requests.", "endpoint": "GET /v1/organisations/:org/policies/access-requests", "permission": "approvals:read", "tags": [ "access-requests", "list", "auth-required", "paginated" ] }, { "route": "/api-reference/policies/list-policies", "url": "https://docs.cryptflare.com/api-reference/policies/list-policies", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/list-policies.md", "section": "api-reference", "title": "List policies", "description": "GET /policies - returns all global policies ordered by priority (highest first).", "endpoint": "GET /v1/organisations/:org/policies", "permission": "org:read", "tags": [ "policies", "list", "auth-required" ] }, { "route": "/api-reference/policies/revoke-access-grant", "url": "https://docs.cryptflare.com/api-reference/policies/revoke-access-grant", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/revoke-access-grant.md", "section": "api-reference", "title": "Revoke an access grant", "description": "POST /policies/access-grants/:id/revoke - immediately revokes an active JIT access grant before it expires.", "endpoint": "POST /v1/organisations/:org/policies/access-grants/:id/revoke", "permission": "approvals:approve", "tags": [ "access-grants", "revoke", "auth-required" ] }, { "route": "/api-reference/policies/simulate-policy", "url": "https://docs.cryptflare.com/api-reference/policies/simulate-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/simulate-policy.md", "section": "api-reference", "title": "Simulate policy evaluation", "description": "POST /policies/simulate - dry-run policy evaluation for a given member, action, and resource.", "endpoint": "POST /v1/organisations/:org/policies/simulate", "permission": "org:update", "tags": [ "policies", "simulate", "auth-required" ] }, { "route": "/api-reference/policies/toggle-policy", "url": "https://docs.cryptflare.com/api-reference/policies/toggle-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/policies/toggle-policy.md", "section": "api-reference", "title": "Toggle a policy", "description": "POST /policies/:id/toggle - enable or disable a policy without deleting it.", "endpoint": "POST /v1/organisations/:org/policies/:id/toggle", "permission": "org:update", "tags": [ "policies", "toggle", "auth-required" ] }, { "route": "/api-reference/rate-limits", "url": "https://docs.cryptflare.com/api-reference/rate-limits", "markdownUrl": "https://docs.cryptflare.com/api-reference/rate-limits.md", "section": "api-reference", "title": "Rate limiting", "description": "Learn about the rate limits the CryptFlare API enforces", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/role-permissions", "url": "https://docs.cryptflare.com/api-reference/role-permissions", "markdownUrl": "https://docs.cryptflare.com/api-reference/role-permissions.md", "section": "api-reference", "title": "Role Permissions", "description": "View and customise the permissions granted to each role in your organisation.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/role-permissions/get-role-permissions", "url": "https://docs.cryptflare.com/api-reference/role-permissions/get-role-permissions", "markdownUrl": "https://docs.cryptflare.com/api-reference/role-permissions/get-role-permissions.md", "section": "api-reference", "title": "Get role permissions", "description": "GET /role-permissions - returns the effective permissions for every role in the organisation.", "endpoint": "GET /v1/organisations/:org/role-permissions", "permission": "org:read", "tags": [ "role-permissions", "list", "auth-required" ] }, { "route": "/api-reference/role-permissions/toggle-role-permission", "url": "https://docs.cryptflare.com/api-reference/role-permissions/toggle-role-permission", "markdownUrl": "https://docs.cryptflare.com/api-reference/role-permissions/toggle-role-permission.md", "section": "api-reference", "title": "Toggle a role permission", "description": "PATCH /role-permissions - grants or revokes a specific permission for a non-owner role.", "endpoint": "PATCH /v1/organisations/:org/role-permissions", "permission": "org:update", "tags": [ "role-permissions", "update", "auth-required" ] }, { "route": "/api-reference/rotation-policies", "url": "https://docs.cryptflare.com/api-reference/rotation-policies", "markdownUrl": "https://docs.cryptflare.com/api-reference/rotation-policies.md", "section": "api-reference", "title": "Rotation Policies", "description": "Configure automated secret rotation on a schedule with generated values.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/rotation-policies/create-policy", "url": "https://docs.cryptflare.com/api-reference/rotation-policies/create-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/rotation-policies/create-policy.md", "section": "api-reference", "title": "Create a rotation policy", "description": "POST /:ws/:env/:key/rotation-policy - attaches a rotation policy to a secret.", "endpoint": "POST /v1/organisations/:org/:ws/:env/:key/rotation-policy", "permission": "secrets:rotate", "tags": [ "rotation-policy", "create", "auth-required" ] }, { "route": "/api-reference/rotation-policies/delete-policy", "url": "https://docs.cryptflare.com/api-reference/rotation-policies/delete-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/rotation-policies/delete-policy.md", "section": "api-reference", "title": "Delete a rotation policy", "description": "DELETE /rotation-policies/:policyId - permanently removes a rotation policy. The secret is untouched.", "endpoint": "DELETE /v1/organisations/:org/rotation-policies/:policyId", "permission": "secrets:rotate", "tags": [ "rotation-policies", "delete", "auth-required" ] }, { "route": "/api-reference/rotation-policies/get-policy", "url": "https://docs.cryptflare.com/api-reference/rotation-policies/get-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/rotation-policies/get-policy.md", "section": "api-reference", "title": "Get policy for a secret", "description": "GET /:ws/:env/:key/rotation-policy - returns the rotation policy attached to a specific secret, or null.", "endpoint": "GET /v1/organisations/:org/:ws/:env/:key/rotation-policy", "permission": "secrets:rotate", "tags": [ "rotation-policy", "list", "auth-required" ] }, { "route": "/api-reference/rotation-policies/list-policies", "url": "https://docs.cryptflare.com/api-reference/rotation-policies/list-policies", "markdownUrl": "https://docs.cryptflare.com/api-reference/rotation-policies/list-policies.md", "section": "api-reference", "title": "List rotation policies", "description": "GET /rotation-policies - returns every rotation policy across every workspace and environment.", "endpoint": "GET /v1/organisations/:org/rotation-policies", "permission": "secrets:rotate", "tags": [ "rotation-policies", "list", "auth-required" ] }, { "route": "/api-reference/rotation-policies/toggle-policy", "url": "https://docs.cryptflare.com/api-reference/rotation-policies/toggle-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/rotation-policies/toggle-policy.md", "section": "api-reference", "title": "Toggle a rotation policy", "description": "POST /rotation-policies/:policyId/toggle - pauses or resumes a rotation policy.", "endpoint": "POST /v1/organisations/:org/rotation-policies/:policyId/toggle", "permission": "secrets:rotate", "tags": [ "rotation-policies", "toggle", "auth-required" ] }, { "route": "/api-reference/rotation-policies/update-policy", "url": "https://docs.cryptflare.com/api-reference/rotation-policies/update-policy", "markdownUrl": "https://docs.cryptflare.com/api-reference/rotation-policies/update-policy.md", "section": "api-reference", "title": "Update a rotation policy", "description": "PATCH /rotation-policies/:policyId - update interval, generation, or notification settings.", "endpoint": "PATCH /v1/organisations/:org/rotation-policies/:policyId", "permission": "secrets:rotate", "tags": [ "rotation-policies", "update", "auth-required" ] }, { "route": "/api-reference/search", "url": "https://docs.cryptflare.com/api-reference/search", "markdownUrl": "https://docs.cryptflare.com/api-reference/search.md", "section": "api-reference", "title": "Search", "description": "Permission-aware search across workspaces, environments, secrets, and members.", "endpoint": "GET /v1/organisations/:org/search", "permission": "org:read", "tags": [ "organisations", "search", "auth-required", "paginated" ] }, { "route": "/api-reference/secrets", "url": "https://docs.cryptflare.com/api-reference/secrets", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets.md", "section": "api-reference", "title": "Secrets", "description": "Create, read, rotate, and delete encrypted secrets. Organize with pods.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/secrets/batch-create", "url": "https://docs.cryptflare.com/api-reference/secrets/batch-create", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/batch-create.md", "section": "api-reference", "title": "Batch create secrets", "description": "POST /secrets/batch/create - create up to 100 secrets in a single request via an async job.", "endpoint": "POST /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/batch/create", "permission": "secrets:write", "tags": [ "batch", "create", "auth-required", "async" ] }, { "route": "/api-reference/secrets/batch-delete", "url": "https://docs.cryptflare.com/api-reference/secrets/batch-delete", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/batch-delete.md", "section": "api-reference", "title": "Batch delete secrets", "description": "POST /secrets/batch/delete - delete up to 100 secrets by key in a single request.", "endpoint": "POST /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/batch/delete", "permission": "secrets:delete", "tags": [ "batch", "delete", "auth-required", "async" ] }, { "route": "/api-reference/secrets/batch-status", "url": "https://docs.cryptflare.com/api-reference/secrets/batch-status", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/batch-status.md", "section": "api-reference", "title": "Get batch job status", "description": "GET /secrets/batch/:jobId - poll for the results of a batch operation.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/batch/:jobId", "permission": "secrets:read", "tags": [ "batch", "read", "auth-required", "async" ] }, { "route": "/api-reference/secrets/batch-update", "url": "https://docs.cryptflare.com/api-reference/secrets/batch-update", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/batch-update.md", "section": "api-reference", "title": "Batch update secrets", "description": "POST /secrets/batch/update - rotate up to 100 secrets to new values in a single request.", "endpoint": "POST /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/batch/update", "permission": "secrets:write", "tags": [ "batch", "update", "auth-required", "async" ] }, { "route": "/api-reference/secrets/create-secret", "url": "https://docs.cryptflare.com/api-reference/secrets/create-secret", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/create-secret.md", "section": "api-reference", "title": "Create a secret", "description": "POST /secrets - creates a new secret with version 1. Value is encrypted with AES-256-GCM before storage.", "endpoint": "POST /v1/organisations/:org/workspaces/:ws/environments/:env/secrets", "permission": "secrets:write", "tags": [ "secrets", "create", "auth-required" ] }, { "route": "/api-reference/secrets/delete-secret", "url": "https://docs.cryptflare.com/api-reference/secrets/delete-secret", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/delete-secret.md", "section": "api-reference", "title": "Delete a secret", "description": "DELETE /secrets/:key - permanently deletes a secret and all its version history.", "endpoint": "DELETE /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key", "permission": "secrets:delete", "tags": [ "secrets", "delete", "auth-required" ] }, { "route": "/api-reference/secrets/get-rules", "url": "https://docs.cryptflare.com/api-reference/secrets/get-rules", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/get-rules.md", "section": "api-reference", "title": "Get validation rules", "description": "GET /secrets/:key/rules - returns the validation rules configured on a secret.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/rules", "permission": "secrets:read", "tags": [ "rules", "list", "auth-required" ] }, { "route": "/api-reference/secrets/get-settings", "url": "https://docs.cryptflare.com/api-reference/secrets/get-settings", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/get-settings.md", "section": "api-reference", "title": "Get secret settings", "description": "GET /secrets/:key/settings - returns metadata, version policy, validation rules, and auto-delete configuration.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/settings", "permission": "secrets:read", "tags": [ "settings", "list", "auth-required" ] }, { "route": "/api-reference/secrets/list-secrets", "url": "https://docs.cryptflare.com/api-reference/secrets/list-secrets", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/list-secrets.md", "section": "api-reference", "title": "List secrets", "description": "GET /secrets - returns secret key names and metadata. Values are never included in list responses.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/secrets", "permission": "secrets:list", "tags": [ "secrets", "list", "auth-required" ] }, { "route": "/api-reference/secrets/list-versions", "url": "https://docs.cryptflare.com/api-reference/secrets/list-versions", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/list-versions.md", "section": "api-reference", "title": "List secret versions", "description": "GET /secrets/:key/versions - returns the full version history of a secret (metadata only, no plaintext).", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/versions", "permission": "secrets:read", "tags": [ "versions", "list", "auth-required" ] }, { "route": "/api-reference/secrets/move-secret", "url": "https://docs.cryptflare.com/api-reference/secrets/move-secret", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/move-secret.md", "section": "api-reference", "title": "Move a secret to a pod", "description": "PATCH /secrets/:key/move - moves a secret into a pod, or back to the root level.", "endpoint": "PATCH /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/move", "permission": "secrets:write", "tags": [ "secrets", "move", "auth-required" ] }, { "route": "/api-reference/secrets/remove-rules", "url": "https://docs.cryptflare.com/api-reference/secrets/remove-rules", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/remove-rules.md", "section": "api-reference", "title": "Remove validation rules", "description": "DELETE /secrets/:key/rules - removes all validation rules from a secret.", "endpoint": "DELETE /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/rules", "permission": "secrets:rules", "tags": [ "rules", "delete", "auth-required" ] }, { "route": "/api-reference/secrets/reveal-secret", "url": "https://docs.cryptflare.com/api-reference/secrets/reveal-secret", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/reveal-secret.md", "section": "api-reference", "title": "Reveal a secret", "description": "GET /secrets/:key - decrypts and returns the secret value. Logged in the audit trail.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key", "permission": "secrets:read", "tags": [ "secrets", "read", "auth-required" ] }, { "route": "/api-reference/secrets/reveal-version", "url": "https://docs.cryptflare.com/api-reference/secrets/reveal-version", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/reveal-version.md", "section": "api-reference", "title": "Reveal a specific version", "description": "GET /secrets/:key/versions/:version - decrypts and returns a specific historical version.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/versions/:version", "permission": "secrets:read", "tags": [ "versions", "read", "auth-required" ] }, { "route": "/api-reference/secrets/rotate-secret", "url": "https://docs.cryptflare.com/api-reference/secrets/rotate-secret", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/rotate-secret.md", "section": "api-reference", "title": "Rotate a secret", "description": "POST /secrets/:key/rotate - encrypts a new value, increments the version, and archives the old version.", "endpoint": "POST /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/rotate", "permission": "secrets:write", "tags": [ "secrets", "rotate", "auth-required" ] }, { "route": "/api-reference/secrets/set-rules", "url": "https://docs.cryptflare.com/api-reference/secrets/set-rules", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/set-rules.md", "section": "api-reference", "title": "Set validation rules", "description": "PUT /secrets/:key/rules - replaces all validation rules on a secret.", "endpoint": "PUT /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/rules", "permission": "secrets:rules", "tags": [ "rules", "update", "auth-required" ] }, { "route": "/api-reference/secrets/update-settings", "url": "https://docs.cryptflare.com/api-reference/secrets/update-settings", "markdownUrl": "https://docs.cryptflare.com/api-reference/secrets/update-settings.md", "section": "api-reference", "title": "Update secret settings", "description": "PATCH /secrets/:key/settings - update metadata, version policy, and auto-delete configuration.", "endpoint": "PATCH /v1/organisations/:org/workspaces/:ws/environments/:env/secrets/:key/settings", "permission": "secrets:write", "tags": [ "settings", "update", "auth-required" ] }, { "route": "/api-reference/service-tokens", "url": "https://docs.cryptflare.com/api-reference/service-tokens", "markdownUrl": "https://docs.cryptflare.com/api-reference/service-tokens.md", "section": "api-reference", "title": "Service Tokens", "description": "Organisation-level API tokens for CI / CD pipelines. Not tied to any user account.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/service-tokens/create-service-token", "url": "https://docs.cryptflare.com/api-reference/service-tokens/create-service-token", "markdownUrl": "https://docs.cryptflare.com/api-reference/service-tokens/create-service-token.md", "section": "api-reference", "title": "Create a service token", "description": "POST /service-tokens - generates a new organisation-level service token. Secret returned exactly once.", "endpoint": "POST /v1/organisations/:org/service-tokens", "permission": "service_tokens:create", "tags": [ "service-tokens", "create", "auth-required" ] }, { "route": "/api-reference/service-tokens/list-service-tokens", "url": "https://docs.cryptflare.com/api-reference/service-tokens/list-service-tokens", "markdownUrl": "https://docs.cryptflare.com/api-reference/service-tokens/list-service-tokens.md", "section": "api-reference", "title": "List service tokens", "description": "GET /service-tokens - returns every service token in the organisation.", "endpoint": "GET /v1/organisations/:org/service-tokens", "permission": "service_tokens:read", "tags": [ "service-tokens", "list", "auth-required" ] }, { "route": "/api-reference/service-tokens/revoke-service-token", "url": "https://docs.cryptflare.com/api-reference/service-tokens/revoke-service-token", "markdownUrl": "https://docs.cryptflare.com/api-reference/service-tokens/revoke-service-token.md", "section": "api-reference", "title": "Revoke a service token", "description": "DELETE /service-tokens/:tokenId - permanently deletes a service token. CI / CD pipelines using it will lose access immediately.", "endpoint": "DELETE /v1/organisations/:org/service-tokens/:tokenId", "permission": "service_tokens:revoke", "tags": [ "service-tokens", "delete", "auth-required" ] }, { "route": "/api-reference/service-tokens/toggle-service-token", "url": "https://docs.cryptflare.com/api-reference/service-tokens/toggle-service-token", "markdownUrl": "https://docs.cryptflare.com/api-reference/service-tokens/toggle-service-token.md", "section": "api-reference", "title": "Enable or disable a service token", "description": "POST /service-tokens/:tokenId/toggle - disable a service token without permanently revoking it (or re-enable it).", "endpoint": "POST /v1/organisations/:org/service-tokens/:tokenId/toggle", "permission": "service_tokens:create", "tags": [ "service-tokens", "toggle", "auth-required" ] }, { "route": "/api-reference/service-tokens/update-service-token", "url": "https://docs.cryptflare.com/api-reference/service-tokens/update-service-token", "markdownUrl": "https://docs.cryptflare.com/api-reference/service-tokens/update-service-token.md", "section": "api-reference", "title": "Update a service token", "description": "PATCH /service-tokens/:tokenId - update the name, description, scopes, or IP allowlist of a service token.", "endpoint": "PATCH /v1/organisations/:org/service-tokens/:tokenId", "permission": "service_tokens:create", "tags": [ "service-tokens", "update", "auth-required" ] }, { "route": "/api-reference/sso", "url": "https://docs.cryptflare.com/api-reference/sso", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso.md", "section": "api-reference", "title": "SSO", "description": "Configure OIDC Single Sign-On connections, group-to-role mappings, and the auth flow endpoints.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/sso/check-domain", "url": "https://docs.cryptflare.com/api-reference/sso/check-domain", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/check-domain.md", "section": "api-reference", "title": "Check force-SSO status", "description": "GET /auth/sso/check - returns whether a given email domain has force-SSO enabled. No authentication required.", "endpoint": "GET /v1/auth/sso/check", "permission": null, "tags": [ "sso", "check", "auth-required" ] }, { "route": "/api-reference/sso/create-connection", "url": "https://docs.cryptflare.com/api-reference/sso/create-connection", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/create-connection.md", "section": "api-reference", "title": "Create an SSO connection", "description": "POST /sso - creates a new SSO connection. Starts in a disabled state until tested.", "endpoint": "POST /v1/organisations/:org/sso", "permission": "sso:manage", "tags": [ "sso", "create", "auth-required" ] }, { "route": "/api-reference/sso/create-mapping", "url": "https://docs.cryptflare.com/api-reference/sso/create-mapping", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/create-mapping.md", "section": "api-reference", "title": "Create a group mapping", "description": "POST /sso/:connectionId/mappings - maps an IdP group to a CryptFlare role.", "endpoint": "POST /v1/organisations/:org/sso/:connectionId/mappings", "permission": "sso:manage", "tags": [ "mappings", "create", "auth-required" ] }, { "route": "/api-reference/sso/delete-connection", "url": "https://docs.cryptflare.com/api-reference/sso/delete-connection", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/delete-connection.md", "section": "api-reference", "title": "Delete an SSO connection", "description": "DELETE /sso/:connectionId - deletes an SSO connection and every group mapping associated with it.", "endpoint": "DELETE /v1/organisations/:org/sso/:connectionId", "permission": "sso:manage", "tags": [ "sso", "delete", "auth-required" ] }, { "route": "/api-reference/sso/delete-mapping", "url": "https://docs.cryptflare.com/api-reference/sso/delete-mapping", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/delete-mapping.md", "section": "api-reference", "title": "Delete a group mapping", "description": "DELETE /sso/:connectionId/mappings/:mappingId - removes an IdP group-to-role mapping.", "endpoint": "DELETE /v1/organisations/:org/sso/:connectionId/mappings/:mappingId", "permission": "sso:manage", "tags": [ "mappings", "delete", "auth-required" ] }, { "route": "/api-reference/sso/initiate-login", "url": "https://docs.cryptflare.com/api-reference/sso/initiate-login", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/initiate-login.md", "section": "api-reference", "title": "Initiate SSO login", "description": "GET /auth/sso/initiate - redirects the user to the IdP authorization endpoint with PKCE.", "endpoint": "GET /v1/auth/sso/initiate", "permission": null, "tags": [ "sso", "initiate", "auth-required" ] }, { "route": "/api-reference/sso/list-connections", "url": "https://docs.cryptflare.com/api-reference/sso/list-connections", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/list-connections.md", "section": "api-reference", "title": "List SSO connections", "description": "GET /sso - returns every SSO connection for the organisation. Client secrets are redacted.", "endpoint": "GET /v1/organisations/:org/sso", "permission": "sso:read", "tags": [ "sso", "list", "auth-required" ] }, { "route": "/api-reference/sso/list-mappings", "url": "https://docs.cryptflare.com/api-reference/sso/list-mappings", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/list-mappings.md", "section": "api-reference", "title": "List group mappings", "description": "GET /sso/:connectionId/mappings - returns every IdP group-to-role mapping, ordered by priority.", "endpoint": "GET /v1/organisations/:org/sso/:connectionId/mappings", "permission": "sso:read", "tags": [ "mappings", "list", "auth-required" ] }, { "route": "/api-reference/sso/oidc-callback", "url": "https://docs.cryptflare.com/api-reference/sso/oidc-callback", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/oidc-callback.md", "section": "api-reference", "title": "OIDC callback", "description": "GET /auth/sso/callback/oidc - handles the authorization code callback from the identity provider.", "endpoint": "GET /v1/auth/sso/callback/oidc", "permission": null, "tags": [ "oidc", "list", "auth-required" ] }, { "route": "/api-reference/sso/test-connection", "url": "https://docs.cryptflare.com/api-reference/sso/test-connection", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/test-connection.md", "section": "api-reference", "title": "Test an SSO connection", "description": "POST /sso/:connectionId/test - tests OIDC discovery against the configured issuer. No user login performed.", "endpoint": "POST /v1/organisations/:org/sso/:connectionId/test", "permission": "sso:manage", "tags": [ "sso", "test", "auth-required" ] }, { "route": "/api-reference/sso/toggle-connection", "url": "https://docs.cryptflare.com/api-reference/sso/toggle-connection", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/toggle-connection.md", "section": "api-reference", "title": "Toggle an SSO connection", "description": "POST /sso/:connectionId/toggle - enables or disables an SSO connection.", "endpoint": "POST /v1/organisations/:org/sso/:connectionId/toggle", "permission": "sso:manage", "tags": [ "sso", "toggle", "auth-required" ] }, { "route": "/api-reference/sso/update-connection", "url": "https://docs.cryptflare.com/api-reference/sso/update-connection", "markdownUrl": "https://docs.cryptflare.com/api-reference/sso/update-connection.md", "section": "api-reference", "title": "Update an SSO connection", "description": "PATCH /sso/:connectionId - updates an existing SSO connection's configuration.", "endpoint": "PATCH /v1/organisations/:org/sso/:connectionId", "permission": "sso:manage", "tags": [ "sso", "update", "auth-required" ] }, { "route": "/api-reference/status", "url": "https://docs.cryptflare.com/api-reference/status", "markdownUrl": "https://docs.cryptflare.com/api-reference/status.md", "section": "api-reference", "title": "Status", "description": "Public, unauthenticated endpoints for service health, incident data, and email notification subscriptions.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/status/check-unsubscribe", "url": "https://docs.cryptflare.com/api-reference/status/check-unsubscribe", "markdownUrl": "https://docs.cryptflare.com/api-reference/status/check-unsubscribe.md", "section": "api-reference", "title": "Check unsubscribe token", "description": "POST /status/unsubscribe/check - validates a signed token and returns the current subscription state without modifying anything.", "endpoint": "POST /v1/status/unsubscribe/check", "permission": null, "tags": [ "unsubscribe", "check", "public-endpoint" ] }, { "route": "/api-reference/status/get-status", "url": "https://docs.cryptflare.com/api-reference/status/get-status", "markdownUrl": "https://docs.cryptflare.com/api-reference/status/get-status.md", "section": "api-reference", "title": "Get service status", "description": "GET /status - returns live service health checks, 90-day history, active incidents, maintenance windows, and platform metrics. Public and edge-cached.", "endpoint": "GET /v1/status", "permission": null, "tags": [ "status", "list", "public-endpoint" ] }, { "route": "/api-reference/status/subscribe", "url": "https://docs.cryptflare.com/api-reference/status/subscribe", "markdownUrl": "https://docs.cryptflare.com/api-reference/status/subscribe.md", "section": "api-reference", "title": "Subscribe to notifications", "description": "POST /status/subscribe - subscribes an email to receive incident and maintenance notifications. Public, idempotent, rate-limited.", "endpoint": "POST /v1/status/subscribe", "permission": null, "tags": [ "status", "subscribe", "public-endpoint" ] }, { "route": "/api-reference/status/unsubscribe", "url": "https://docs.cryptflare.com/api-reference/status/unsubscribe", "markdownUrl": "https://docs.cryptflare.com/api-reference/status/unsubscribe.md", "section": "api-reference", "title": "Unsubscribe", "description": "POST /status/unsubscribe - unsubscribe an email using a signed token from a notification email. Public, idempotent, rate-limited.", "endpoint": "POST /v1/status/unsubscribe", "permission": null, "tags": [ "status", "unsubscribe", "public-endpoint" ] }, { "route": "/api-reference/support", "url": "https://docs.cryptflare.com/api-reference/support", "markdownUrl": "https://docs.cryptflare.com/api-reference/support.md", "section": "api-reference", "title": "Support", "description": "Create and manage support tickets, upload attachments, and communicate with the CryptFlare team.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/support/add-message", "url": "https://docs.cryptflare.com/api-reference/support/add-message", "markdownUrl": "https://docs.cryptflare.com/api-reference/support/add-message.md", "section": "api-reference", "title": "Add a message", "description": "POST /support/:ticketId/messages - adds a message to an existing ticket thread.", "endpoint": "POST /v1/organisations/:org/support/:ticketId/messages", "permission": "support:write", "tags": [ "messages", "create", "auth-required" ] }, { "route": "/api-reference/support/close-ticket", "url": "https://docs.cryptflare.com/api-reference/support/close-ticket", "markdownUrl": "https://docs.cryptflare.com/api-reference/support/close-ticket.md", "section": "api-reference", "title": "Close a ticket", "description": "POST /support/:ticketId/close - closes an open ticket. Closed tickets cannot receive new messages.", "endpoint": "POST /v1/organisations/:org/support/:ticketId/close", "permission": "support:write", "tags": [ "support", "close", "auth-required" ] }, { "route": "/api-reference/support/create-ticket", "url": "https://docs.cryptflare.com/api-reference/support/create-ticket", "markdownUrl": "https://docs.cryptflare.com/api-reference/support/create-ticket.md", "section": "api-reference", "title": "Create a ticket", "description": "POST /support - creates a new support ticket. Priority is validated against your plan tier.", "endpoint": "POST /v1/organisations/:org/support", "permission": "support:write", "tags": [ "support", "create", "auth-required" ] }, { "route": "/api-reference/support/get-ticket", "url": "https://docs.cryptflare.com/api-reference/support/get-ticket", "markdownUrl": "https://docs.cryptflare.com/api-reference/support/get-ticket.md", "section": "api-reference", "title": "Get ticket detail", "description": "GET /support/:ticketId - returns a ticket with its full message thread.", "endpoint": "GET /v1/organisations/:org/support/:ticketId", "permission": "support:read", "tags": [ "support", "read", "auth-required" ] }, { "route": "/api-reference/support/list-tickets", "url": "https://docs.cryptflare.com/api-reference/support/list-tickets", "markdownUrl": "https://docs.cryptflare.com/api-reference/support/list-tickets.md", "section": "api-reference", "title": "List tickets", "description": "GET /support - returns every support ticket in the organisation, newest first.", "endpoint": "GET /v1/organisations/:org/support", "permission": "support:read", "tags": [ "support", "list", "auth-required" ] }, { "route": "/api-reference/support/upload-attachment", "url": "https://docs.cryptflare.com/api-reference/support/upload-attachment", "markdownUrl": "https://docs.cryptflare.com/api-reference/support/upload-attachment.md", "section": "api-reference", "title": "Upload attachment", "description": "POST /support/:ticketId/upload - uploads a file as multipart/form-data. Use the returned key when adding messages.", "endpoint": "POST /v1/organisations/:org/support/:ticketId/upload", "permission": "support:write", "tags": [ "support", "upload", "auth-required" ] }, { "route": "/api-reference/sync-connections", "url": "https://docs.cryptflare.com/api-reference/sync-connections", "markdownUrl": "https://docs.cryptflare.com/api-reference/sync-connections.md", "section": "api-reference", "title": "Sync Connections", "description": "Push secrets to third-party platforms like GitHub, Vercel, and AWS Secrets Manager.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/sync-connections/create-connection", "url": "https://docs.cryptflare.com/api-reference/sync-connections/create-connection", "markdownUrl": "https://docs.cryptflare.com/api-reference/sync-connections/create-connection.md", "section": "api-reference", "title": "Create a sync connection", "description": "POST /sync-connections - creates a new sync connection. Credentials are validated against the provider before saving.", "endpoint": "POST /v1/organisations/:org/sync-connections", "permission": "sync:manage", "tags": [ "sync-connections", "create", "auth-required" ] }, { "route": "/api-reference/sync-connections/get-drift", "url": "https://docs.cryptflare.com/api-reference/sync-connections/get-drift", "markdownUrl": "https://docs.cryptflare.com/api-reference/sync-connections/get-drift.md", "section": "api-reference", "title": "Get drift report", "description": "GET /sync-connections/:connectionId/drift - classifies destination secrets against CryptFlare source scope. Names only, never values.", "endpoint": "GET /v1/organisations/:org/sync-connections/:connectionId/drift", "permission": "sync:read", "tags": [ "sync-connections", "drift", "auth-required" ] }, { "route": "/api-reference/sync-connections/list-connections", "url": "https://docs.cryptflare.com/api-reference/sync-connections/list-connections", "markdownUrl": "https://docs.cryptflare.com/api-reference/sync-connections/list-connections.md", "section": "api-reference", "title": "List sync connections", "description": "GET /sync-connections - returns every sync connection in the organisation. Credentials are never exposed.", "endpoint": "GET /v1/organisations/:org/sync-connections", "permission": "sync:read", "tags": [ "sync-connections", "list", "auth-required" ] }, { "route": "/api-reference/sync-connections/list-logs", "url": "https://docs.cryptflare.com/api-reference/sync-connections/list-logs", "markdownUrl": "https://docs.cryptflare.com/api-reference/sync-connections/list-logs.md", "section": "api-reference", "title": "List sync logs", "description": "GET /sync-connections/:connectionId/logs - returns execution history for a sync connection.", "endpoint": "GET /v1/organisations/:org/sync-connections/:connectionId/logs", "permission": "sync:read", "tags": [ "logs", "list", "auth-required", "paginated" ] }, { "route": "/api-reference/sync-connections/trigger-sync", "url": "https://docs.cryptflare.com/api-reference/sync-connections/trigger-sync", "markdownUrl": "https://docs.cryptflare.com/api-reference/sync-connections/trigger-sync.md", "section": "api-reference", "title": "Trigger a manual sync", "description": "POST /sync-connections/:connectionId/trigger - enqueues an immediate sync job for the connection.", "endpoint": "POST /v1/organisations/:org/sync-connections/:connectionId/trigger", "permission": "sync:manage", "tags": [ "sync-connections", "trigger", "auth-required" ] }, { "route": "/api-reference/tags", "url": "https://docs.cryptflare.com/api-reference/tags", "markdownUrl": "https://docs.cryptflare.com/api-reference/tags.md", "section": "api-reference", "title": "Tags", "description": "Attach free-form labels to resources for policy scoping and compliance classification.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/tags/create-tag", "url": "https://docs.cryptflare.com/api-reference/tags/create-tag", "markdownUrl": "https://docs.cryptflare.com/api-reference/tags/create-tag.md", "section": "api-reference", "title": "Attach a tag", "description": "POST /tags - attach a tag to a workspace, environment, pod, or secret.", "endpoint": "POST /v1/organisations/:org/tags", "permission": "tags:write", "tags": [ "tags", "create", "auth-required" ] }, { "route": "/api-reference/tags/delete-tag", "url": "https://docs.cryptflare.com/api-reference/tags/delete-tag", "markdownUrl": "https://docs.cryptflare.com/api-reference/tags/delete-tag.md", "section": "api-reference", "title": "Remove a tag", "description": "DELETE /tags - remove a tag from a resource.", "endpoint": "DELETE /v1/organisations/:org/tags", "permission": "tags:delete", "tags": [ "tags", "delete", "auth-required" ] }, { "route": "/api-reference/tags/list-org-tags", "url": "https://docs.cryptflare.com/api-reference/tags/list-org-tags", "markdownUrl": "https://docs.cryptflare.com/api-reference/tags/list-org-tags.md", "section": "api-reference", "title": "List org tags", "description": "GET /tags/org - list every distinct tag used in the organisation.", "endpoint": "GET /v1/organisations/:org/tags/org", "permission": "tags:read", "tags": [ "org", "list", "auth-required" ] }, { "route": "/api-reference/tags/list-tags", "url": "https://docs.cryptflare.com/api-reference/tags/list-tags", "markdownUrl": "https://docs.cryptflare.com/api-reference/tags/list-tags.md", "section": "api-reference", "title": "List tags for a resource", "description": "GET /tags - list all tags attached to a specific resource.", "endpoint": "GET /v1/organisations/:org/tags", "permission": "tags:read", "tags": [ "tags", "list", "auth-required" ] }, { "route": "/api-reference/tokens", "url": "https://docs.cryptflare.com/api-reference/tokens", "markdownUrl": "https://docs.cryptflare.com/api-reference/tokens.md", "section": "api-reference", "title": "API Tokens", "description": "Create, update, toggle, and revoke workspace-scoped API tokens for programmatic access.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/tokens/create-token", "url": "https://docs.cryptflare.com/api-reference/tokens/create-token", "markdownUrl": "https://docs.cryptflare.com/api-reference/tokens/create-token.md", "section": "api-reference", "title": "Create an API token", "description": "POST /tokens - generates a new API token. The full secret is returned exactly once.", "endpoint": "POST /v1/organisations/:org/tokens", "permission": "tokens:create", "tags": [ "tokens", "create", "auth-required" ] }, { "route": "/api-reference/tokens/list-tokens", "url": "https://docs.cryptflare.com/api-reference/tokens/list-tokens", "markdownUrl": "https://docs.cryptflare.com/api-reference/tokens/list-tokens.md", "section": "api-reference", "title": "List API tokens", "description": "GET /tokens - returns every API token in the organisation. Token secrets are never exposed.", "endpoint": "GET /v1/organisations/:org/tokens", "permission": "tokens:read", "tags": [ "tokens", "list", "auth-required" ] }, { "route": "/api-reference/tokens/revoke-token", "url": "https://docs.cryptflare.com/api-reference/tokens/revoke-token", "markdownUrl": "https://docs.cryptflare.com/api-reference/tokens/revoke-token.md", "section": "api-reference", "title": "Revoke a token", "description": "DELETE /tokens/:tokenId - permanently deletes a token. Cannot be undone.", "endpoint": "DELETE /v1/organisations/:org/tokens/:tokenId", "permission": "tokens:revoke", "tags": [ "tokens", "delete", "auth-required" ] }, { "route": "/api-reference/tokens/toggle-token", "url": "https://docs.cryptflare.com/api-reference/tokens/toggle-token", "markdownUrl": "https://docs.cryptflare.com/api-reference/tokens/toggle-token.md", "section": "api-reference", "title": "Enable or disable a token", "description": "POST /tokens/:tokenId/toggle - disable a token without permanently revoking it (or re-enable it).", "endpoint": "POST /v1/organisations/:org/tokens/:tokenId/toggle", "permission": "tokens:create", "tags": [ "tokens", "toggle", "auth-required" ] }, { "route": "/api-reference/tokens/update-token", "url": "https://docs.cryptflare.com/api-reference/tokens/update-token", "markdownUrl": "https://docs.cryptflare.com/api-reference/tokens/update-token.md", "section": "api-reference", "title": "Update an API token", "description": "PATCH /tokens/:tokenId - update the name and / or scopes of an existing token.", "endpoint": "PATCH /v1/organisations/:org/tokens/:tokenId", "permission": "tokens:create", "tags": [ "tokens", "update", "auth-required" ] }, { "route": "/api-reference/usage", "url": "https://docs.cryptflare.com/api-reference/usage", "markdownUrl": "https://docs.cryptflare.com/api-reference/usage.md", "section": "api-reference", "title": "Usage", "description": "Check organisation resource usage, remaining quota, and plan limits.", "endpoint": "GET /v1/organisations/:org/usage", "permission": "org:read", "tags": [ "organisations", "usage", "auth-required" ] }, { "route": "/api-reference/workspaces", "url": "https://docs.cryptflare.com/api-reference/workspaces", "markdownUrl": "https://docs.cryptflare.com/api-reference/workspaces.md", "section": "api-reference", "title": "Workspaces", "description": "Create, list, and delete workspaces - the top-level project container inside an organisation.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/api-reference/workspaces/create-workspace", "url": "https://docs.cryptflare.com/api-reference/workspaces/create-workspace", "markdownUrl": "https://docs.cryptflare.com/api-reference/workspaces/create-workspace.md", "section": "api-reference", "title": "Create a workspace", "description": "POST /workspaces - creates a new workspace within an organisation.", "endpoint": "POST /v1/organisations/:org/workspaces", "permission": "workspaces:create", "tags": [ "workspaces", "create", "auth-required" ] }, { "route": "/api-reference/workspaces/delete-workspace", "url": "https://docs.cryptflare.com/api-reference/workspaces/delete-workspace", "markdownUrl": "https://docs.cryptflare.com/api-reference/workspaces/delete-workspace.md", "section": "api-reference", "title": "Delete a workspace", "description": "DELETE /workspaces/:ws - permanently deletes the workspace and every environment, pod, secret, and token it owns.", "endpoint": "DELETE /v1/organisations/:org/workspaces/:ws", "permission": "workspaces:delete", "tags": [ "workspaces", "delete", "auth-required" ] }, { "route": "/api-reference/workspaces/get-workspace", "url": "https://docs.cryptflare.com/api-reference/workspaces/get-workspace", "markdownUrl": "https://docs.cryptflare.com/api-reference/workspaces/get-workspace.md", "section": "api-reference", "title": "Get a workspace", "description": "GET /workspaces/:ws - returns details for a single workspace. Can look up by ID or slug.", "endpoint": "GET /v1/organisations/:org/workspaces/:ws", "permission": "workspaces:read", "tags": [ "workspaces", "read", "auth-required" ] }, { "route": "/api-reference/workspaces/list-workspaces", "url": "https://docs.cryptflare.com/api-reference/workspaces/list-workspaces", "markdownUrl": "https://docs.cryptflare.com/api-reference/workspaces/list-workspaces.md", "section": "api-reference", "title": "List workspaces", "description": "GET /workspaces - returns all workspaces in an organisation.", "endpoint": "GET /v1/organisations/:org/workspaces", "permission": "workspaces:read", "tags": [ "workspaces", "list", "auth-required" ] }, { "route": "/changelog/2026-04-08-api-reference", "url": "https://docs.cryptflare.com/changelog/2026-04-08-api-reference", "markdownUrl": "https://docs.cryptflare.com/changelog/2026-04-08-api-reference.md", "section": "changelog", "title": "Complete API reference", "description": "", "endpoint": null, "permission": null, "tags": [] }, { "route": "/changelog/2026-04-08-cli-device-flow", "url": "https://docs.cryptflare.com/changelog/2026-04-08-cli-device-flow", "markdownUrl": "https://docs.cryptflare.com/changelog/2026-04-08-cli-device-flow.md", "section": "changelog", "title": "CLI device flow authentication", "description": "", "endpoint": null, "permission": null, "tags": [] }, { "route": "/changelog/2026-04-08-dark-mode", "url": "https://docs.cryptflare.com/changelog/2026-04-08-dark-mode", "markdownUrl": "https://docs.cryptflare.com/changelog/2026-04-08-dark-mode.md", "section": "changelog", "title": "Dark mode", "description": "", "endpoint": null, "permission": null, "tags": [] }, { "route": "/changelog/2026-04-08-health-status", "url": "https://docs.cryptflare.com/changelog/2026-04-08-health-status", "markdownUrl": "https://docs.cryptflare.com/changelog/2026-04-08-health-status.md", "section": "changelog", "title": "Health endpoint and status indicator", "description": "", "endpoint": null, "permission": null, "tags": [] }, { "route": "/changelog/2026-04-08-pods-support", "url": "https://docs.cryptflare.com/changelog/2026-04-08-pods-support", "markdownUrl": "https://docs.cryptflare.com/changelog/2026-04-08-pods-support.md", "section": "changelog", "title": "Pods - organize secrets into folders", "description": "", "endpoint": null, "permission": null, "tags": [] }, { "route": "/changelog/2026-04-08-terraform-provider", "url": "https://docs.cryptflare.com/changelog/2026-04-08-terraform-provider", "markdownUrl": "https://docs.cryptflare.com/changelog/2026-04-08-terraform-provider.md", "section": "changelog", "title": "Terraform Provider", "description": "", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/authentication", "url": "https://docs.cryptflare.com/cli/authentication", "markdownUrl": "https://docs.cryptflare.com/cli/authentication.md", "section": "cli", "title": "CLI authentication", "description": "How the CryptFlare CLI authenticates using the device authorization flow", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/commands", "url": "https://docs.cryptflare.com/cli/commands", "markdownUrl": "https://docs.cryptflare.com/cli/commands.md", "section": "cli", "title": "Command reference", "description": "Complete reference for all CryptFlare CLI commands", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/commands/auth", "url": "https://docs.cryptflare.com/cli/commands/auth", "markdownUrl": "https://docs.cryptflare.com/cli/commands/auth.md", "section": "cli", "title": "Auth commands", "description": "Authenticate and manage CLI sessions", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/commands/environment", "url": "https://docs.cryptflare.com/cli/commands/environment", "markdownUrl": "https://docs.cryptflare.com/cli/commands/environment.md", "section": "cli", "title": "Environment commands", "description": "Inject secrets, export in various formats, and manage environments", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/commands/pods", "url": "https://docs.cryptflare.com/cli/commands/pods", "markdownUrl": "https://docs.cryptflare.com/cli/commands/pods.md", "section": "cli", "title": "Pod commands", "description": "Organize secrets into hierarchical folders from the CLI", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/commands/resources", "url": "https://docs.cryptflare.com/cli/commands/resources", "markdownUrl": "https://docs.cryptflare.com/cli/commands/resources.md", "section": "cli", "title": "Resource commands", "description": "Manage organisations, workspaces, tokens, and config", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/commands/secrets", "url": "https://docs.cryptflare.com/cli/commands/secrets", "markdownUrl": "https://docs.cryptflare.com/cli/commands/secrets.md", "section": "cli", "title": "Secret commands", "description": "Create, read, rotate, move, and delete secrets from the CLI", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/configuration", "url": "https://docs.cryptflare.com/cli/configuration", "markdownUrl": "https://docs.cryptflare.com/cli/configuration.md", "section": "cli", "title": "Configuration", "description": "Configure the CryptFlare CLI defaults, credentials, and output preferences", "endpoint": null, "permission": null, "tags": [] }, { "route": "/cli/overview", "url": "https://docs.cryptflare.com/cli/overview", "markdownUrl": "https://docs.cryptflare.com/cli/overview.md", "section": "cli", "title": "CLI", "description": "Manage CryptFlare secrets from your terminal", "endpoint": null, "permission": null, "tags": [] }, { "route": "/getting-started/cipher", "url": "https://docs.cryptflare.com/getting-started/cipher", "markdownUrl": "https://docs.cryptflare.com/getting-started/cipher.md", "section": "getting-started", "title": "Meet Cipher", "description": "CryptFlare's AI assistant that helps you manage secrets, understand policies, and navigate the platform.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/getting-started/pricing", "url": "https://docs.cryptflare.com/getting-started/pricing", "markdownUrl": "https://docs.cryptflare.com/getting-started/pricing.md", "section": "getting-started", "title": "Pricing", "description": "CryptFlare plans and pricing - from free to team", "endpoint": null, "permission": null, "tags": [] }, { "route": "/getting-started/quickstart", "url": "https://docs.cryptflare.com/getting-started/quickstart", "markdownUrl": "https://docs.cryptflare.com/getting-started/quickstart.md", "section": "getting-started", "title": "Quickstart", "description": "Get up and running with CryptFlare in under 5 minutes.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/dynamic-secrets/aws", "url": "https://docs.cryptflare.com/guides/dynamic-secrets/aws", "markdownUrl": "https://docs.cryptflare.com/guides/dynamic-secrets/aws.md", "section": "guides", "title": "Dynamic secrets with AWS IAM (AssumeRole)", "description": "Use AWS STS AssumeRole to mint short-lived IAM credentials on demand with session policies and scoped durations", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/dynamic-secrets/azure", "url": "https://docs.cryptflare.com/guides/dynamic-secrets/azure", "markdownUrl": "https://docs.cryptflare.com/guides/dynamic-secrets/azure.md", "section": "guides", "title": "Dynamic secrets with Azure Service Principals", "description": "Register an Azure AD App Registration, grant the right Microsoft Graph permissions, and mint short-lived Azure credentials on demand", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/dynamic-secrets/usage", "url": "https://docs.cryptflare.com/guides/dynamic-secrets/usage", "markdownUrl": "https://docs.cryptflare.com/guides/dynamic-secrets/usage.md", "section": "guides", "title": "Using dynamic secrets", "description": "How to actually consume a dynamic secret lease from the CLI, your CI pipeline, local development, and Terraform", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/idempotency", "url": "https://docs.cryptflare.com/guides/idempotency", "markdownUrl": "https://docs.cryptflare.com/guides/idempotency.md", "section": "guides", "title": "Idempotency Keys", "description": "Safely retry mutations without creating duplicates by attaching an Idempotency-Key header", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/sso/auth0", "url": "https://docs.cryptflare.com/guides/sso/auth0", "markdownUrl": "https://docs.cryptflare.com/guides/sso/auth0.md", "section": "guides", "title": "SSO with Auth0", "description": "Step-by-step guide to configuring OIDC-based SSO with Auth0 in CryptFlare", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/sso/entra-id", "url": "https://docs.cryptflare.com/guides/sso/entra-id", "markdownUrl": "https://docs.cryptflare.com/guides/sso/entra-id.md", "section": "guides", "title": "SSO with Microsoft Entra ID", "description": "Step-by-step guide to configuring OIDC-based SSO with Microsoft Entra ID (Azure AD) in CryptFlare", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/sso/generic-oidc", "url": "https://docs.cryptflare.com/guides/sso/generic-oidc", "markdownUrl": "https://docs.cryptflare.com/guides/sso/generic-oidc.md", "section": "guides", "title": "SSO with Generic OIDC", "description": "Step-by-step guide to configuring SSO with any OpenID Connect provider in CryptFlare", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/sso/google", "url": "https://docs.cryptflare.com/guides/sso/google", "markdownUrl": "https://docs.cryptflare.com/guides/sso/google.md", "section": "guides", "title": "SSO with Google Workspace", "description": "Step-by-step guide to configuring OIDC-based SSO with Google Workspace in CryptFlare", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/sso/okta", "url": "https://docs.cryptflare.com/guides/sso/okta", "markdownUrl": "https://docs.cryptflare.com/guides/sso/okta.md", "section": "guides", "title": "SSO with Okta", "description": "Step-by-step guide to configuring OIDC-based SSO with Okta in CryptFlare", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/sync/aws-federated", "url": "https://docs.cryptflare.com/guides/sync/aws-federated", "markdownUrl": "https://docs.cryptflare.com/guides/sync/aws-federated.md", "section": "guides", "title": "Sync to AWS Secrets Manager (federated)", "description": "Step-by-step guide to setting up keyless IAM OIDC federation between AWS and CryptFlare so sync connections push secrets without storing IAM access keys", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/sync/gcp-federated", "url": "https://docs.cryptflare.com/guides/sync/gcp-federated", "markdownUrl": "https://docs.cryptflare.com/guides/sync/gcp-federated.md", "section": "guides", "title": "Sync to GCP Secret Manager (federated)", "description": "Step-by-step guide to setting up keyless Workload Identity Federation between GCP and CryptFlare so sync connections push secrets without a service-account JSON key", "endpoint": null, "permission": null, "tags": [] }, { "route": "/guides/sync/github", "url": "https://docs.cryptflare.com/guides/sync/github", "markdownUrl": "https://docs.cryptflare.com/guides/sync/github.md", "section": "guides", "title": "Sync to GitHub Actions", "description": "Step-by-step guide to syncing CryptFlare secrets to GitHub Actions (or Codespaces / Dependabot) secrets using a PAT or GitHub App", "endpoint": null, "permission": null, "tags": [] }, { "route": "/integrations/terraform", "url": "https://docs.cryptflare.com/integrations/terraform", "markdownUrl": "https://docs.cryptflare.com/integrations/terraform.md", "section": "integrations", "title": "Terraform Provider", "description": "Manage CryptFlare secrets, workspaces, environments, and pods as infrastructure-as-code with Terraform", "endpoint": null, "permission": null, "tags": [] }, { "route": "/internal/dynamic-secrets-architecture", "url": "https://docs.cryptflare.com/internal/dynamic-secrets-architecture", "markdownUrl": "https://docs.cryptflare.com/internal/dynamic-secrets-architecture.md", "section": "internal", "title": "Dynamic Secrets - Internal Architecture", "description": "Schema, workflow lifecycle, cascade revoke, and provider abstraction for the dynamic secrets subsystem. Engineering team only.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/internal/index", "url": "https://docs.cryptflare.com/internal/index", "markdownUrl": "https://docs.cryptflare.com/internal/index.md", "section": "internal", "title": "Internal Engineering Docs", "description": "Private documentation for the CryptFlare platform team. Requires a valid console session.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/secrets/environments", "url": "https://docs.cryptflare.com/secrets/environments", "markdownUrl": "https://docs.cryptflare.com/secrets/environments.md", "section": "secrets", "title": "Environments", "description": "Separate your secrets across development, staging, and production", "endpoint": null, "permission": null, "tags": [] }, { "route": "/secrets/rotation", "url": "https://docs.cryptflare.com/secrets/rotation", "markdownUrl": "https://docs.cryptflare.com/secrets/rotation.md", "section": "secrets", "title": "Secret rotation", "description": "Rotate secrets safely and plan for automated rotation with service syncing", "endpoint": null, "permission": null, "tags": [] }, { "route": "/secrets/versioning", "url": "https://docs.cryptflare.com/secrets/versioning", "markdownUrl": "https://docs.cryptflare.com/secrets/versioning.md", "section": "secrets", "title": "Secret versioning", "description": "How CryptFlare tracks every change to your secrets", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/access-control", "url": "https://docs.cryptflare.com/security/access-control", "markdownUrl": "https://docs.cryptflare.com/security/access-control.md", "section": "security", "title": "Access control", "description": "Role-based permissions and how CryptFlare controls who can do what", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/audit-logs", "url": "https://docs.cryptflare.com/security/audit-logs", "markdownUrl": "https://docs.cryptflare.com/security/audit-logs.md", "section": "security", "title": "Audit logs", "description": "Track every action taken in your organisation", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/byok", "url": "https://docs.cryptflare.com/security/byok", "markdownUrl": "https://docs.cryptflare.com/security/byok.md", "section": "security", "title": "Bring Your Own Key (BYOK)", "description": "Use your own encryption key to control how secrets are encrypted at rest", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/compliance", "url": "https://docs.cryptflare.com/security/compliance", "markdownUrl": "https://docs.cryptflare.com/security/compliance.md", "section": "security", "title": "Security and compliance", "description": "How CryptFlare protects your secrets, audit capabilities, and compliance posture", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/compliance-reports", "url": "https://docs.cryptflare.com/security/compliance-reports", "markdownUrl": "https://docs.cryptflare.com/security/compliance-reports.md", "section": "security", "title": "Compliance Reports", "description": "Generate and share audit-ready compliance evidence reports with auditors and compliance teams.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/data-residency", "url": "https://docs.cryptflare.com/security/data-residency", "markdownUrl": "https://docs.cryptflare.com/security/data-residency.md", "section": "security", "title": "Data Residency", "description": "Control where your organisation's data is stored to meet regulatory and compliance requirements.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/dynamic-secrets", "url": "https://docs.cryptflare.com/security/dynamic-secrets", "markdownUrl": "https://docs.cryptflare.com/security/dynamic-secrets.md", "section": "security", "title": "Dynamic Secrets", "description": "Mint short-lived, auto-revoked credentials on demand from upstream cloud providers. No long-lived secrets, no manual rotation, bounded blast radius.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/encryption", "url": "https://docs.cryptflare.com/security/encryption", "markdownUrl": "https://docs.cryptflare.com/security/encryption.md", "section": "security", "title": "Encryption", "description": "How CryptFlare encrypts your secrets at rest and in transit", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/event-subscriptions", "url": "https://docs.cryptflare.com/security/event-subscriptions", "markdownUrl": "https://docs.cryptflare.com/security/event-subscriptions.md", "section": "security", "title": "Event Subscriptions", "description": "Receive real-time HTTP notifications when actions occur in your CryptFlare organisation.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/federated-identity", "url": "https://docs.cryptflare.com/security/federated-identity", "markdownUrl": "https://docs.cryptflare.com/security/federated-identity.md", "section": "security", "title": "Federated Identity", "description": "CryptFlare runs its own OIDC issuer so sync connections can push to AWS, GCP, Azure, and Kubernetes using short-lived federated credentials instead of long-lived API keys.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/mcp-access", "url": "https://docs.cryptflare.com/security/mcp-access", "markdownUrl": "https://docs.cryptflare.com/security/mcp-access.md", "section": "security", "title": "MCP Access", "description": "Control which tokens can reach the Model Context Protocol server at mcp.cryptflare.com. One permission gate, full audit trail, opt-in per token.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/notifications", "url": "https://docs.cryptflare.com/security/notifications", "markdownUrl": "https://docs.cryptflare.com/security/notifications.md", "section": "security", "title": "Notifications", "description": "In-app notifications for access requests, member invites, secret rotations, and more", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/ownership-transfer", "url": "https://docs.cryptflare.com/security/ownership-transfer", "markdownUrl": "https://docs.cryptflare.com/security/ownership-transfer.md", "section": "security", "title": "Ownership transfer", "description": "Transfer organisation ownership to another member", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/policies", "url": "https://docs.cryptflare.com/security/policies", "markdownUrl": "https://docs.cryptflare.com/security/policies.md", "section": "security", "title": "Policies", "description": "Fine-grained, deny-first access policies that layer on top of RBAC roles", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/roles", "url": "https://docs.cryptflare.com/security/roles", "markdownUrl": "https://docs.cryptflare.com/security/roles.md", "section": "security", "title": "Roles and permissions", "description": "Understand the built-in roles, what each one can do, and how organisation owners can customise permissions.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/sso", "url": "https://docs.cryptflare.com/security/sso", "markdownUrl": "https://docs.cryptflare.com/security/sso.md", "section": "security", "title": "Single Sign-On (SSO)", "description": "Authenticate your team through your corporate identity provider with OIDC-based SSO", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/status-notifications", "url": "https://docs.cryptflare.com/security/status-notifications", "markdownUrl": "https://docs.cryptflare.com/security/status-notifications.md", "section": "security", "title": "Status Notifications", "description": "Subscribe to email alerts for incidents and scheduled maintenance on the CryptFlare status page.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/sync", "url": "https://docs.cryptflare.com/security/sync", "markdownUrl": "https://docs.cryptflare.com/security/sync.md", "section": "security", "title": "Secret Sync", "description": "Push CryptFlare secrets to third-party destinations like GitHub Actions, Vercel, and AWS Secrets Manager. One-way, auto-reconciled, identity-aware.", "endpoint": null, "permission": null, "tags": [] }, { "route": "/security/teams", "url": "https://docs.cryptflare.com/security/teams", "markdownUrl": "https://docs.cryptflare.com/security/teams.md", "section": "security", "title": "Teams", "description": "Group members into teams for scoped access policies and collaboration", "endpoint": null, "permission": null, "tags": [] } ] }