Skip to main content
Version: 1.0.0

SASHA Partner API

This API allows for protecting new images and checking if an image is already protected with SASHA Signature.

Authenticate with Client Credentials

To authenticate with Client Credentials, you need to send a request to the /oauth/token endpoint.

The server will authenticate the Partner and return an Access Token that can be used for making requests to the Signature endpoints.

Protect an image with SASHA Signature

To protect an image with SASHA Signature, you need to send a request to the /signature/embed endpoint providing the image file or the URL to the image file.

The server will return a Job object with the job ID and status. Once the job is complete, the protected image file will be available at the output_url and the signature_id will be populated representing the globally unique identifier of the protected image.

Partners may poll for the job status using the /jobs/{job_id} endpoint or provide a callback_url in the request to receive notifications when the job is complete.

Check if an image is already protected with SASHA Signature

To check if an image is already protected with SASHA Signature, you need to send a request to the /signature/lookup endpoint providing the image file or the URL to the image file.

The server will return a Job object with the job ID and status. Once the job is complete, the Job object will contain the signature_id field if a SASHA Signature is found.

Job Status and Callbacks

All operations are asynchronous and return a Job object with a unique job_id. You can:

  1. Poll for status: Use the /jobs/{job_id} endpoint to check job status.
  2. Callback notifications: Provide a callback_url in your request to receive notifications when the job status changes.

Callback Notifications

If you provide a callback_url in your Embed Signature or Lookup Signature request, the system will send HTTP POST requests to that URL whenever the job status changes. The callback payload will contain the complete Job object with updated status information. Partners can use this callback to track the status of their jobs and get notified when the job is complete to get the result.

Partners can validate the callback request to ensure it genuinely comes from SASHA and was not modified in transit, see callback documentation below.

Authentication

Base64-encoded string that contains the Client ID and Client Secret.

The Client ID and Client Secret must each be form-url encoded.

The field must have the format: Authorization: Basic <base64-encoded client_id:client_secret>

Security Scheme Type:

http

HTTP Authorization Scheme:

basic

Contact

API Support: support@sasha.eu