API Reference
Complete reference for the FyVault REST API.
Base URL
https://api.fyvault.com/api/v1
Authentication
Bearer token in Authorization header
Auth
| Method | Endpoint | Description |
|---|---|---|
| POST | /auth/register | Create account |
| POST | /auth/login | Login (returns JWT) |
| POST | /auth/refresh | Refresh token |
| GET | /auth/me/orgs | List user’s organizations |
| POST | /auth/sudo/verify | Re-authenticate for sensitive actions |
Secrets
| Method | Endpoint | Description |
|---|---|---|
| POST | /orgs/:org_id/secrets | Create secret |
| GET | /orgs/:org_id/secrets | List secrets |
| GET | /orgs/:org_id/secrets/:id | Get secret detail |
| PATCH | /orgs/:org_id/secrets/:id | Update value |
| DELETE | /orgs/:org_id/secrets/:id | Delete secret |
API keys & session tokens
| Method | Endpoint | Description |
|---|---|---|
| POST | /orgs/:org_id/api-keys | Create long-lived API key (fv_live_…) |
| GET | /orgs/:org_id/api-keys | List API keys |
| DELETE | /orgs/:org_id/api-keys/:id | Revoke API key |
| POST | /orgs/:org_id/access-tokens | Mint short-lived session token (fvsess_…) — Authorization: Bearer fv_live_… only |
| DELETE | /orgs/:org_id/access-tokens/:id | Revoke session token (org admin JWT) |
Devices
| Method | Endpoint | Description |
|---|---|---|
| POST | /orgs/:org_id/devices | Register device |
| GET | /orgs/:org_id/devices | List devices |
| GET | /orgs/:org_id/devices/:id | Get device detail |
| PATCH | /orgs/:org_id/devices/:id | Update device |
| DELETE | /orgs/:org_id/devices/:id | Revoke device |
| POST | /orgs/:org_id/devices/:id/assign | Assign secret to device |
| DELETE | /orgs/:org_id/devices/:id/assign/:secret_id | Unassign secret |
Teams
| Method | Endpoint | Description |
|---|---|---|
| POST | /orgs/:org_id/teams | Create team |
| GET | /orgs/:org_id/teams | List teams |
| PATCH | /orgs/:org_id/teams/:id | Update team |
| DELETE | /orgs/:org_id/teams/:id | Delete team |
| POST | /orgs/:org_id/teams/:id/members | Add member to team |
| DELETE | /orgs/:org_id/teams/:id/members/:user_id | Remove member |
Policies
| Method | Endpoint | Description |
|---|---|---|
| POST | /orgs/:org_id/policies | Create policy |
| GET | /orgs/:org_id/policies | List policies |
| PATCH | /orgs/:org_id/policies/:id | Update policy |
| DELETE | /orgs/:org_id/policies/:id | Delete policy |
Webhooks
| Method | Endpoint | Description |
|---|---|---|
| POST | /orgs/:org_id/webhooks | Create webhook |
| GET | /orgs/:org_id/webhooks | List webhooks |
| PATCH | /orgs/:org_id/webhooks/:id | Update webhook |
| DELETE | /orgs/:org_id/webhooks/:id | Delete webhook |
| POST | /orgs/:org_id/webhooks/:id/test | Send test event |
Audit
| Method | Endpoint | Description |
|---|---|---|
| GET | /orgs/:org_id/audit-logs | List audit log entries |
Agent (Device API)
| Method | Endpoint | Description |
|---|---|---|
| POST | /agent/boot | Boot device and receive secret bundle |
| POST | /agent/heartbeat | Send heartbeat |