Work with API
Passwork includes a REST API, designed to manage vaults, folders, and passwords. The API is based on the HTTPS protocol and provides responses in JSON format. Working with the API consists of three main stages:
- Authorization using the user's API key and getting tokens for the API session
- Performing operations
- Session termination
Access rights to the API correspond to the user's rights, whose API key is used. All actions are logged on behalf of this user. The REST API interacts with Passwork mobile apps and browser extensions. The API can also be used to integrate Passwork into your infrastructure. To support the “zero knowledge” mode (client-side encryption), the client-side must be able to decrypt the API-returned data and encrypt data before sending it to the API. These data preparation processes are technically complex and require data encoding in specific formats, deriving keys from passwords, calculating hash functions, and using RSA and AES encryption. To facilitate the use of the API, we have developed special connectors that encapsulate all necessary actions and provide simple interfaces for developers. Connectors are currently available:
JS connector
