Sharokey API Documentation β
π Zero Knowledge Secret Sharing API β
Welcome to the complete developer documentation for Sharokey, the secure secret sharing platform with Zero Knowledge encryption.
π Security First
All secrets are encrypted client-side using AES-GCM-256 + PBKDF2 (10,000 iterations) before being sent to our servers. We never see your data in plain text.
π What's Available β
π¦ Client Libraries
4 official libraries: CLI C#, JavaScript SDK, JavaScript CDN, and Python SDK.
Browse Libraries βπ‘ CLI C# Documentation
Cross-platform command-line tool for automation, scripting, and CI/CD integration.
CLI Guide ββ‘ Quick Start β
Choose your preferred method to start using Sharokey:
# Download the CLI
curl -O https://github.com/sharokey/cli/releases/latest/download/sharokey.exe
# Configure your token
sharokey config --token YOUR_API_TOKEN
# Create your first secret
sharokey create "My secret password" --hours 24 --views 1// Install via npm
npm install sharokey-client
// Usage in Node.js/modern web apps
import { SharokeyClient } from 'sharokey-client';
const client = new SharokeyClient({ token: 'YOUR_API_TOKEN' });
const secret = await client.createSecret('My secret', {hours: 24, views: 1});
console.log(secret.share_url);<!-- Include the script -->
<script src="https://cdn.sharokey.com/js/sharokey.js"></script>
<script>
// Configure and use
Sharokey.config({ token: 'YOUR_API_TOKEN' });
const secret = await Sharokey.create('My secret', 24, 1);
console.log(secret.share_url);
</script># Install the SDK
pip install sharokey
# Basic usage
import sharokey
client = sharokey.SharokeyClient(token='YOUR_API_TOKEN')
secret = await client.create('My secret', 24, 1)
print(secret.share_url)# Direct API call
curl -X POST https://api.sharokey.com/api/v1/secrets \
-H "Authorization: Bearer YOUR_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"content": "encrypted_secret_data",
"keyA": "server_key",
"hours": 24,
"maximum_views": 1
}'π Zero Knowledge Architecture β
How it works:
- Your data never leaves your device in plain text
- Encryption happens in your browser/application
- Two-key system: KeyA (stored on server) + KeyB (in share URL)
- Both keys required to decrypt the secret
- We can't decrypt your data - true Zero Knowledge
π Features β
| Feature | Description |
|---|---|
| π Zero Knowledge | Client-side encryption, we never see your secrets |
| π File Attachments | Upload files up to 10MB with your secrets |
| π± OTP Protection | Email & SMS verification for extra security |
| β° Expiration Control | Time and view limits for automatic cleanup |
| π Multi-domain | Custom domains for branded secret sharing |
| π Usage Analytics | Track secret creation and access patterns |
| π REST API | Complete programmatic access |
| π 4 Libraries | CLI, JavaScript, Python - choose your stack |
π¦ Getting Your API Token β
- Sign up at sharokey.com
- Go to Settings β API Tokens
- Create a new token with appropriate scopes
- Copy your token and keep it secure
π Token Security
Never commit your API tokens to version control or expose them in client-side code. Store them as environment variables or in secure configuration files.
π Documentation Sections β
π API Reference β
Complete REST API documentation covering all endpoints, authentication methods, request/response formats, and error codes.
π¦ Client Libraries β
Official libraries for different programming languages with installation guides, examples, and feature comparisons.
π‘ Code Examples β
Practical tutorials and code samples for common integration patterns and use cases.
π€ Support & Community β
- π§ Email: [email protected]
- π Bug Reports: GitHub Issues
- π¬ Discord: Join our community
- π Blog: Technical articles
π License β
This documentation is released under the MIT License.
Sharokey API is a commercial service with free tier available.