API Reference¶
The VaultStream REST API enables programmatic control over all platform functionality: content upload, transcoding management, user provisioning, analytics, and more.
Base URL¶
Authentication¶
All API requests require authentication via Bearer token. See Authentication for token generation and scope management.
API Organization¶
| Category | Endpoints | Description |
|---|---|---|
| Content Management | /v1/content/* |
Upload, list, update, delete content |
| Media & Playback | /v1/media/*, /v1/playback/* |
Streaming manifests, playback sessions |
| User & Access | /v1/users/*, /v1/teams/* |
User provisioning, permissions |
| Analytics | /v1/analytics/*, /v1/telemetry |
Viewership metrics, usage reports |
| Webhooks | /v1/webhooks/* |
Event subscriptions, delivery management |
Request Format¶
- All request bodies must be JSON (
Content-Type: application/json) - File uploads use
multipart/form-data - Timestamps are ISO 8601 in UTC (
2026-07-04T15:30:00Z) - IDs are opaque strings (e.g.,
c_7a3b9f1d)
Response Format¶
All responses follow a standard envelope:
{
"status": "ok",
"data": { ... },
"meta": {
"request_id": "req_a1b2c3d4",
"page": 1,
"per_page": 50,
"total": 247
}
}
Error responses:
{
"status": "error",
"error": {
"code": "invalid_token",
"message": "The provided API token is invalid or expired",
"request_id": "req_a1b2c3d4"
}
}
Pagination¶
List endpoints support cursor-based pagination:
curl -H "Authorization: Bearer $TOKEN" \
"https://api.cyfr.technology/v1/content?limit=50&after=c_7a3b9f1d"
Response includes next_cursor for the next page.
Rate Limits¶
| Endpoint Group | Rate Limit | Window |
|---|---|---|
| Content upload | 10/min | Per minute |
| Read operations | 300/min | Per minute |
| Write operations | 60/min | Per minute |
| Playback manifests | 600/min | Per minute |
Rate limit headers: