Documentation

API overview β€” base URLs & jobs

Versioning conventions, timeouts, quotas, and how seal.club models asynchronous sealing workloads.

Edit on GitHub

Base URLs & environments

EnvironmentEndpoint
Productionhttps://api.seal.club/v1
Sandboxhttps://api.sandbox.seal.club/v1
EU pinned (beta)https://api.eu.seal.club/v1

Every request must include Authorization: Bearer sk_… (private) or pk_… for narrowly scoped uploads from controlled clients.

Version banner

Breaking changes bump /v{n}. Older versions stay available for ninety days with Sunset headers on responses. Announcements mirror that schedule in changelog emails.

Resource model at a glance

ResourceResponsibility
JobCaptures ingestion, hashing, KMS wrap, eventual receipt issuance. Async by default unless mode=blocking explicitly requested.
ReceiptImmutable JSON artefact verifying what was hashed, algorithm edition, KMS key id references, timestamps. Not the PDF itself.
WebhookDeliveryOutbound POST with Svix-compatible signing headers (mock docs until public beta).

Request limits & idempotency

  • Concurrency: Each environment advertises simultaneous jobs in /v1/metadata/limits; defaults are deliberately conservative.
  • Idempotency-Key header: Replay identical uploads safely for up to forty-eight hours. Conflicts reuse the canonical job id stored per key fingerprint.
  • Payload size ceiling: Sandbox caps at ninety megabytes. Live tiers advertise higher quotas with fair-use policies.

Developer playground

A rudimentary OpenAPI 3.1 contract is available at /openapi.yaml and listed under API Reference β†’ Playground with an interactive Mintlify request builder. Its servers intentionally use api.sandbox.example.com and api.example.com so demo traffic never points at a real sealing API.

Roadmap

  • Postman bundles under /spec
  • Replayable CLI using the same WASM verification core as auditors
  • gRPC ingestion for partners who dislike HTTPS termination at the edge

Watch the changelog section of the SaaS dashboard once authenticated.