Vault API
A zero-knowledge encrypted credential store for your organization. Store API keys, login credentials, SSH keys, and other secrets — Inkbox never sees the plaintext. All encryption and decryption happens client-side using your vault key.
API base URL:
https://api.inkbox.ai/api/v1/vaultQuick start
Create an account and get your service token from the Inkbox console:
Get service tokenAPI requests require a service token for authentication. Some operations may require additional credentials (e.g., your vault key). See individual endpoint docs for details.
X-Service-Token: YOUR_SERVICE_TOKENVault
Get vault info
GETGet vault metadata including secret and key counts
/api/v1/vault/infoUnlock vault
GETFetch encrypted secrets and wrapped keys for client-side decryption
/api/v1/vault/unlockSecrets
Create secret
POSTStore a new encrypted secret
/api/v1/vault/secretsList secrets
GETList all secrets (metadata only, no payloads)
/api/v1/vault/secretsGet secret
GETGet a single secret with its encrypted payload
/api/v1/vault/secrets/{secret_id}Update secret
PATCHUpdate a secret's name, description, or encrypted payload
/api/v1/vault/secrets/{secret_id}Delete secret
DELETEDelete a secret
/api/v1/vault/secrets/{secret_id}Keys
List vault keys
GETList all vault keys (primary and recovery)
/api/v1/vault/keysReplace primary key
PUTReplace the primary vault key using current key or recovery code
/api/v1/vault/keys/primaryRevoke vault key
DELETERevoke a vault key by its auth hash
/api/v1/vault/keys/{auth_hash}Access control
Grant identity access
POSTGrant an agent identity access to a specific secret
/api/v1/vault/secrets/{secret_id}/accessList access rules
GETList all identity access rules for a secret
/api/v1/vault/secrets/{secret_id}/accessRevoke identity access
DELETERevoke an identity's access to a secret
/api/v1/vault/secrets/{secret_id}/access/{identity_id}