| Prerequisites |
|---|
| You’re familiar with the FlowCrypt External Service (FES). |
The default FlowCrypt External Service host is https://localhost:32337. This API is meant to be called by the FlowCrypt client apps, which include:
- Browser Extension for Chrome, Firefox, and Brave
- Android App
- iOS App
Authentication
Privileged endpoints are authenticated using the HTTP Authorization header with a Bearer <id_token>.
The first time a client authenticates in the system, they receive a token issued by a third party. After that, the client receives and reuses a JWT token signed by FES.
Endpoints
This is an HTTP REST API that expects to accept JSON in the request body and responds with JSON.
FES environment info endpoint
Request the GET /api/ endpoint to verify that the service is up:
curl \
https://localhost:32337/api/
It will return HTTP 200 OK regardless of whether the data store can be reached or not:
{
"vendor": "FlowCrypt",
"service": "external-service",
"orgId": "evaluation.org",
"version": "2020-01-DEV"
}
Health check endpoint
Check whether the GET /api/health endpoint is running and ready to serve requests, in which case it returns an HTTP 200 OK status. Otherwise, it returns HTTP 503.
curl \
https://localhost:32337/api/health
Response:
{}
Error logging test endpoint
Manually call the GET /api/error endpoint to verify that your own logging and monitoring infrastructure will notify you about exceptions.
curl \
https://localhost:32337/api/error
Response:
{
"code": 500,
"message": "Intentional unhandled exception to test logging integration",
"details": "..."
}
Standard HTTP status codes are used in an HTTP response code as well as in the response body, commonly 200, 404, 400, 401, 403, and 503.
An Error 500 is expected only when calling the /api/error endpoint. For other cases, you should set up an alert and report them to human@flowcrypt.com. That way, we can either fix the error or return a more appropriate error code.