Overview
The LinkVault API is a RESTful JSON API. All endpoints accept and return application/json unless otherwise noted (file uploads use multipart/form-data).
Base URL
https://linkvault.biz/apiPlan requirements: API access requires a Professional plan or above. Integrations and Branding endpoints require a Business plan.
Authentication
Include your API key in the Authorization header of every request:
Authorization: Bearer lv_your_api_key_here
Quick Start Example
curl -H 'Authorization: Bearer lv_your_key' \ https://linkvault.biz/api/links
Generate API keys from Settings → API Keys. Max 5 keys per account.
Errors
All errors return a JSON object with an error field:
{ "error": "Description of the error" }| Status | Meaning |
|---|---|
| 400 | Bad Request — invalid parameters |
| 401 | Unauthorized — missing or invalid API key |
| 403 | Forbidden — insufficient plan or permissions |
| 404 | Not Found — resource does not exist |
| 410 | Gone — link has expired |
| 422 | Unprocessable Entity — validation failed |
Links
/api/linksReturns a paginated list of your links.
Query Parameters
page (int), limit (int, 1-100), tab (active|expired)
Response
{ "links": [...], "pagination": { "page": 1, "limit": 10, "total": 42, "totalPages": 5 } }/api/links/{id}Returns metadata for a specific link.
Response
{ "id": "abc123", "name": "report.pdf", "mime": "application/pdf", "views": 12, "requires_password": false, "has_watermark": true }/api/links/{id}Delete a link and its stored file.
Response
{ "ok": true }/api/links/{id}/activeActivate or deactivate a link.
Request Body
{ "isActive": true }Response
{ "ok": true }/api/links/{id}/passwordSet or remove password. Send empty string to remove.
Request Body
{ "password": "mySecret" }Response
{ "ok": true, "hasPassword": true }/api/links/{id}/watermarkEnable or disable watermark.
Request Body
{ "hasWatermark": true }Response
{ "ok": true, "hasWatermark": true }/api/links/{id}/shareSend the viewer link to recipients.
Request Body
{ "emails": ["user@example.com"], "message": "Check this out" }Response
{ "ok": true }/api/links/pending-countCount of pending access requests across all links.
Response
{ "count": 3 }/api/links/{id}/requestsList access requests for a link with approval required.
Response
{ "requests": [{ "id": 1, "visitorIp": "...", "status": "pending" }] }/api/links/{id}/requests/{requestId}Update access request status.
Request Body
{ "status": "approved" }Response
{ "ok": true, "status": "approved" }Upload
/api/uploadUpload a file and create a viewer link. Max 100 MB. Use multipart/form-data.
Form Fields
file (binary), expiration (1h|24h|7d), addPassword (0|1), password (string), hasWatermark (0|1), requiresApproval (0|1), viewSessionTtlSeconds (60-86400), maxViews (0=unlimited)
Response
{ "id": "abc123def456", "viewer_url": "https://linkvault.biz/viewer/abc123def456" }API Keys
/api/api-keysList all your API keys (masked).
Response
{ "api_keys": [{ "id": 1, "name": "Production", "key_prefix": "lv_a3f1••••", "active": true, "total_requests": 142 }] }/api/api-keysGenerate a new key. The plain key is shown ONLY in this response.
Request Body
{ "name": "My Key" }Response
{ "api_key": { "id": 1, "name": "My Key", "key": "lv_a3f1b2c4d5e6f789..." }, "message": "Copy it now — it won't be shown again." }/api/api-keys/{id}/toggleActivate or deactivate a key.
Response
{ "active": false, "message": "API key deactivated" }/api/api-keys/{id}Permanently deactivate a key.
Response
{ "message": "API key revoked" }Integrations
/api/integrationsList configured Slack/Discord integrations. Business plan.
Response
{ "integrations": [{ "id": 1, "type": "slack", "enabled": true }] }/api/integrationsCreate a Slack or Discord webhook integration.
Request Body
{ "type": "slack", "config": { "webhook_url": "https://hooks.slack.com/...", "channel": "#general" } }Response
{ "ok": true }/api/integrations/{id}Remove an integration.
Response
{ "ok": true }Branding
/api/brandingGet current branding settings. Business plan.
Response
{ "company_name": "Acme", "logo_url": "/uploads/logo.png", "primary_color": "#6366f1", "custom_domain": "share.acme.com" }/api/brandingUpdate branding. Use multipart/form-data for logo upload.
Request Body
company_name (string), primary_color (hex), custom_domain (string), logo (file)
Response
{ "company_name": "Acme", ... }Blocked File Types
The following extensions are rejected on upload: exe, dll, bat, cmd, msi, bin, iso, img, zip, rar, tar, gz
Need help? Contact Support or manage your API keys.