CDR API Documentation
Comprehensive guides and references for integrating our Content Disarm and Reconstruct service.
Getting Started
The Red Eagle Tech Content Disarm and Reconstruct (CDR) API allows you to scan and sanitise documents to remove potential security threats while preserving document functionality.
What you'll need
- An API key (obtain by subscribing to one of our plans)
- Your API secret (for generating HMAC signatures)
- Basic understanding of REST APIs
Authentication
The CDR API uses API keys and HMAC signatures to authenticate requests.
Headers required for authentication:
| Header | Description | Example |
|---|---|---|
X-API-Key |
Your API key | ret_cdr_5f8d3a7b9c |
X-Timestamp |
Current UTC timestamp (Unix format) | 1617184126 |
X-Signature |
HMAC SHA-256 signature of the request | a1b2c3d4e5f6... |
Generating signatures:
The signature is a HMAC SHA-256 hash of a string combining:
- HTTP method (e.g., "POST")
- Request path (e.g., "/v1/documents")
- API key
- Timestamp
- Request body (if applicable)
Example signature generation (Pseudocode)
string stringToSign = httpMethod + "\n" +
requestPath + "\n" +
apiKey + "\n" +
timestamp + "\n" +
requestBodyHash;
signature = HMAC-SHA256(apiSecret, stringToSign);
API Endpoints
Upload Document
POST /v1/documents
Upload a document for processing.
Request
Multipart form data with the following parameters:
file- The document file to processoptions(optional) - JSON string of processing options
Response
{
"documentId": "7f8d3a7b9c6e5d4f",
"status": "processing",
"uploadedAt": "2025-04-10T14:22:31Z"
}
Check Status
GET /v1/documents/{documentId}
Check the processing status of a document.
Response
{
"documentId": "7f8d3a7b9c6e5d4f",
"status": "completed",
"uploadedAt": "2025-04-10T14:22:31Z",
"completedAt": "2025-04-10T14:23:15Z",
"sanitisedDocumentUrl": "https://example-url.redeagle.tech/v1/documents/7f8d3a7b9c6e5d4f/download"
}
Download Sanitised Document
GET /v1/documents/{documentId}/download
Download the sanitised document.
Response
The sanitised document file as a binary stream.
Supported File Formats
Our CDR service supports a wide range of document and image formats commonly used in business environments. The following table lists all currently supported file types:
| File Category | File Type | File Extensions |
|---|---|---|
| Documents | Microsoft Word 97-2003 | DOC, DOT |
| Microsoft Word 2007 and later | DOCX, DOCM, DOTX, DOTM |
|
| Spreadsheets | Microsoft Excel 97-2003 | XLS |
| Microsoft Excel 2007 and later | XLSX, XLSB, XLSM, XLTX, XLTM, XLAM |
|
| Presentations | Microsoft PowerPoint 97-2003 | PPT, PPS, POT, PPA |
| Microsoft PowerPoint 2007 and later | PPTX, PPTM, POTX, POTM, PPAM, PPSX, PPSM |
|
| Other | Adobe PDF (all versions) | PDF |
| Adobe FDF | FDF |
|
| Images | JPEG | JPG, JPEG |
| PNG | PNG |
|
| GIF | GIF |
|
| Bitmap | BMP |
|
| TIFF | TIF, TIFF |
Error Handling
The API uses standard HTTP status codes and returns errors in JSON format.
Common Error Codes:
| Status Code | Description |
|---|---|
| 400 | Bad Request - Invalid parameters or file format |
| 401 | Unauthorized - Invalid API key or signature |
| 403 | Forbidden - Insufficient permissions or rate limit exceeded |
| 404 | Not Found - Document ID not found |
| 413 | Payload Too Large - File exceeds size limit |
| 500 | Internal Server Error - Something went wrong on our end |
Error Response Format:
{
"error": {
"code": "invalid_file_format",
"message": "The provided file format is not supported",
"details": "Only supported file formats are accepted"
}
}
Code Examples
// C# Example - Upload document and download sanitised version
using System;
using System.IO;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
public async Task ProcessDocumentExample()
{
string apiKey = "your_api_key";
string apiSecret = "your_api_secret";
string baseUrl = "https://example-url.redeagle.tech/v1";
string filePath = "path/to/document.docx";
// Create HTTP client
using var httpClient = new HttpClient();
// Upload document
var uploadResponse = await UploadDocument(httpClient, baseUrl, apiKey, apiSecret, filePath);
string documentId = uploadResponse.DocumentId;
// Poll for completion
string sanitisedDocumentUrl = null;
while (true)
{
var statusResponse = await CheckStatus(httpClient, baseUrl, apiKey, apiSecret, documentId);
if (statusResponse.Status == "completed")
{
sanitisedDocumentUrl = statusResponse.SanitisedDocumentUrl;
break;
}
else if (statusResponse.Status == "failed")
{
throw new Exception("Document sanitisation failed");
}
await Task.Delay(2000); // Poll every 2 seconds
}
// Download sanitised document
await DownloadDocument(httpClient, sanitisedDocumentUrl, apiKey, apiSecret, "sanitised_document.docx");
}
// Additional methods for upload, status check, and download would be implemented here
// JavaScript Example - Upload document and download sanitised version
const processDocument = async () => {
const apiKey = 'your_api_key';
const apiSecret = 'your_api_secret';
const baseUrl = 'https://example-url.redeagle.tech/v1';
// Create form data with file
const formData = new FormData();
const fileInput = document.getElementById('fileInput');
formData.append('file', fileInput.files[0]);
// Upload document
const timestamp = Math.floor(Date.now() / 1000).toString();
const signature = generateSignature('POST', '/v1/documents', apiKey, apiSecret, timestamp);
const uploadResponse = await fetch(`${baseUrl}/documents`, {
method: 'POST',
headers: {
'X-API-Key': apiKey,
'X-Timestamp': timestamp,
'X-Signature': signature
},
body: formData
});
const uploadResult = await uploadResponse.json();
const documentId = uploadResult.documentId;
// Poll for completion
let sanitisedDocumentUrl = null;
while (true) {
const statusResponse = await checkStatus(baseUrl, apiKey, apiSecret, documentId);
if (statusResponse.status === 'completed') {
sanitisedDocumentUrl = statusResponse.sanitisedDocumentUrl;
break;
} else if (statusResponse.status === 'failed') {
throw new Error('Document sanitisation failed');
}
// Wait 2 seconds before polling again
await new Promise(resolve => setTimeout(resolve, 2000));
}
// Download sanitised document
window.location.href = sanitisedDocumentUrl;
};
// Additional functions for authentication and status checks would be implemented here
# Python Example - Upload document and download sanitised version
import requests
import time
import hmac
import hashlib
import os
from datetime import datetime
def process_document(api_key, api_secret, file_path):
base_url = "https://example-url.redeagle.tech/v1"
# Upload document
with open(file_path, 'rb') as f:
timestamp = str(int(time.time()))
signature = generate_signature("POST", "/v1/documents", api_key, api_secret, timestamp)
headers = {
'X-API-Key': api_key,
'X-Timestamp': timestamp,
'X-Signature': signature
}
files = {'file': f}
response = requests.post(f"{base_url}/documents", headers=headers, files=files)
response.raise_for_status()
document_id = response.json()['documentId']
# Poll for completion
sanitised_document_url = None
while True:
status_response = check_status(base_url, api_key, api_secret, document_id)
if status_response['status'] == 'completed':
sanitised_document_url = status_response['sanitisedDocumentUrl']
break
elif status_response['status'] == 'failed':
raise Exception("Document sanitisation failed")
time.sleep(2) # Poll every 2 seconds
# Download sanitised document
download_document(sanitised_document_url, api_key, api_secret, "sanitised_document.docx")
# Additional functions for authentication, status checks, and download would be implemented here
Limitations
- File Size: Varies by plan tier
- Rate Limits: Varies by plan tier
- Storage: Configurable. Sanitised files can be retained securely for up to 7 days for support purposes, if required
- Formats: Limited to the file types listed in the supported file formats section
Support
If you need assistance with the CDR API, you can:
Ready to get started?
Contact us today to set up your CDR API account and start protecting your documents.
Request free consultation