Skip to content

Password API

Jump to bottom Edit New page
Peter Giacomo Lombardo edited this page Feb 29, 2024 · 14 revisions

Password Pusher now has an authenticated JSON API. The new API documentation is available at /api on any private instance or always available at https://pwpush.com/api

The following documentation is still valid but hasn't been updated yet to describe the new calls available with authentication (but available in the above link).

Overview

If you wish to automate creation of passwords, you can do so through the JSON API. It is done by hitting the password endpoint (/p.json) with a POST-request.

The following POST data is available for Content-Type: application/x-www-form-urlencoded. Only payload is required. If the other options are not specified, they will set to the application defaults:

password[payload]: mypassword 
password[expire_after_days]: 10
password[expire_after_views]: 2
password[note]: 'Reference Note. Encrypted & Visible Only to You. E.g. Employee, Record or Ticket ID etc..'
password[retrieval_step]: 'true' or 'false'
password[deletable_by_viewer]: 'true' or 'false'

if you are executing a POST with ContentType: application/json, instead use valid JSON in the POST body:

{
 "password": 
  {
    "payload": "mypassword",
    "expire_after_days": "2",
    "expire_after_views": "10",
    "note": "Reference Note. Encrypted & Visible Only to You. E.g. Employee, Record or Ticket ID etc..",
    "retrieval_step": "true",
    "deletable_by_viewer": "false"
   }
}

See also #106 about using JSON with POST.

via curl:

curl -X POST --data "password[payload]=mypassword&password[expire_after_days]=2&password[expire_after_views]=10" https://pwpush.com/p.json

or paste this into your browser console for the pwpush.com page:

fetch(
  "https://pwpush.com/p.json", {
    method: "POST",
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      password: {
        payload: "mypassword",
        expire_after_days: 2,
        expire_after_views: 10
      }
    })
  })
  .then(response => response.json())
  .then(data => { console.log("Share this secret URL: https://pwpush.com/p/" + data.url_token); });

Other Endpoints

You can append .json to any URL and you will get a JSON response instead of HTML.

To retrieve a password:

curl -X GET https://pwpush.com/p/<ID>.json

Or to destroy a password (regardless of views/expiration) use method DELETE

curl -X DELETE https://pwpush.com/p/<ID>.json

Note that destroy is only possible if the option was set (password[deletable_by_viewer] was set to true) when the password record was created.

Screen Shot 2019-09-30 at 2 12 31 PM

Query Against Private Instances

If you are running your own private instance, these API calls are available on your instance too.

Just point these calls to your own instance. e.g. Change the https://pwpush.com part to where you host your private instance such as https://pwpush.mycompany.org/p.json

The default for the development environment is: http:https://127.0.0.1:5100/p.json.

Swift Example

See this issue where @broadwaycodez provides a Swift example for accessing the JSON API.

See also

The Tools page on pwpush.com summarizes many of the existing 3rd party tools as well.

Add a custom footer
Add a custom sidebar
Clone this wiki locally