Create, list, and revoke one-time encrypted secret links from your apps and scripts. Same dual-key encryption as the dashboard — plaintext never stored.
Create an API key in Dashboard → API Keys. Send it on every request:
Authorization: Bearer tn_your_api_keyKeys are hashed at rest and shown only once at creation. Treat them like passwords. Revoke compromised keys immediately from the dashboard.
/api/v1/secretsCreate an encrypted secret and get a shareable link.
Body (JSON)
secret (string, required) — plaintext to encryptlabel (string) — creator-facing label (not encrypted into the payload)password (string, Pro+) — recipient passphrasemaxViews (integer) — 1 up to your plan maxexpiry (ISO-8601) or expiresIn (seconds)domainId or domain (Pro+) — verified custom domain on your accountcurl -X POST https://tracenone.app/api/v1/secrets \
-H "Authorization: Bearer tn_…" \
-H "Content-Type: application/json" \
-d '{
"secret": "super-secret-value",
"label": "Staging DB",
"maxViews": 1,
"expiresIn": 86400,
"domain": "secrets.yourco.com"
}'Response 201
{
"id": "clx…",
"label": "Staging DB",
"url": "https://…/secret/clx…#unlockKey=…",
"short_url": "https://…/s/xK9m…#unlockKey=…",
"unlock_key": "…",
"max_views": 1,
"views_remaining": 1,
"expires_at": "2026-07-17T12:00:00.000Z",
"password_protected": false,
"domain": "secrets.yourco.com"
}The unlock key lives in the URL #fragment and is never stored with the ciphertext. Store short_url securely — it is only returned on create.
/api/v1/secretsList secrets for your account. Defaults to active only.
Query
status — active (default) or allpage — default 1limit — default 20, max 100Active = not revoked, not expired, and has views remaining. Never returns plaintext or unlock keys.
curl "https://tracenone.app/api/v1/secrets?status=active&limit=20" \
-H "Authorization: Bearer tn_…"/api/v1/secrets/:idFetch metadata for a single secret you own.
curl "https://tracenone.app/api/v1/secrets/clx…" \
-H "Authorization: Bearer tn_…"/api/v1/secrets/:idRevoke a secret immediately (Pro+). Cannot be undone.
curl -X DELETE "https://tracenone.app/api/v1/secrets/clx…" \
-H "Authorization: Bearer tn_…"Free plans cannot revoke via API or dashboard. Upgrade to Pro to enable revoke.
| Status | Meaning |
|---|---|
| 401 | Missing or invalid API key |
| 403 | Plan does not allow this action (e.g. revoke, password, domain) |
| 404 | Secret or custom domain not found on your account |
| 429 | Rate limit exceeded — see X-RateLimit-* headers |
| 400 | Validation error (body / query) |
Create an API key and start sending secrets from your pipeline.