TraceNone
Back to home
API reference

TraceNone API

Create, list, and revoke one-time encrypted secret links from your apps and scripts. Same dual-key encryption as the dashboard — plaintext never stored.

Authentication

Create an API key in Dashboard → API Keys. Send it on every request:

Authorization: Bearer tn_your_api_key

Keys are hashed at rest and shown only once at creation. Treat them like passwords. Revoke compromised keys immediately from the dashboard.

POST/api/v1/secrets

Create an encrypted secret and get a shareable link.

Body (JSON)

  • secret (string, required) — plaintext to encrypt
  • label (string) — creator-facing label (not encrypted into the payload)
  • password (string, Pro+) — recipient passphrase
  • maxViews (integer) — 1 up to your plan max
  • expiry (ISO-8601) or expiresIn (seconds)
  • domainId or domain (Pro+) — verified custom domain on your account
curl -X POST https://tracenone.app/api/v1/secrets \
  -H "Authorization: Bearer tn_…" \
  -H "Content-Type: application/json" \
  -d '{
    "secret": "super-secret-value",
    "label": "Staging DB",
    "maxViews": 1,
    "expiresIn": 86400,
    "domain": "secrets.yourco.com"
  }'

Response 201

{
  "id": "clx…",
  "label": "Staging DB",
  "url": "https://…/secret/clx…#unlockKey=…",
  "short_url": "https://…/s/xK9m…#unlockKey=…",
  "unlock_key": "…",
  "max_views": 1,
  "views_remaining": 1,
  "expires_at": "2026-07-17T12:00:00.000Z",
  "password_protected": false,
  "domain": "secrets.yourco.com"
}

The unlock key lives in the URL #fragment and is never stored with the ciphertext. Store short_url securely — it is only returned on create.

GET/api/v1/secrets

List secrets for your account. Defaults to active only.

Query

  • status active (default) or all
  • page — default 1
  • limit — default 20, max 100

Active = not revoked, not expired, and has views remaining. Never returns plaintext or unlock keys.

curl "https://tracenone.app/api/v1/secrets?status=active&limit=20" \
  -H "Authorization: Bearer tn_…"
GET/api/v1/secrets/:id

Fetch metadata for a single secret you own.

curl "https://tracenone.app/api/v1/secrets/clx…" \
  -H "Authorization: Bearer tn_…"
DELETE/api/v1/secrets/:id

Revoke a secret immediately (Pro+). Cannot be undone.

curl -X DELETE "https://tracenone.app/api/v1/secrets/clx…" \
  -H "Authorization: Bearer tn_…"

Free plans cannot revoke via API or dashboard. Upgrade to Pro to enable revoke.

Errors & limits

StatusMeaning
401Missing or invalid API key
403Plan does not allow this action (e.g. revoke, password, domain)
404Secret or custom domain not found on your account
429Rate limit exceeded — see X-RateLimit-* headers
400Validation error (body / query)

Ready to integrate?

Create an API key and start sending secrets from your pipeline.