Integrate the T.A.L.A. API
Create, monitor, and unlock vaults through a small set of endpoints. Use this page to authenticate correctly, respect rate policy, and ship reliable integrations.
Authentication
API key
Server to server calls. Send in Authorization: Bearer <token>.
OAuth (on request)
Use for delegated user consent. Reach out for client registration.
Webhook signature
Validate X-TALA-Signature using HMAC SHA256.
Endpoints
/vaultsCreate a vault with CID, checksum, and unlock time.
Auth required
/vaults/{id}Fetch vault metadata and current status.
Auth required
/vaults/{id}/filesAttach an encrypted file to a vault.
Auth required
/vaults/{id}/files/{fileId}Download a file after unlock readiness.
Auth required
/vaults/{id}Destroy a vault and its files when policy requires.
Auth required
Sample request
curl -X POST https://api.usetala.in/v1/vaults
-H "Authorization: Bearer YOUR_API_KEY"
-H "Content-Type: application/json"
-d '{
"cid": "bafy...",
"checksum": "sha256:2f0c...",
"unlockAt": 1893456000,
"metadata": {"label": "Exam Set A"}
}'Always keep tokens in server environments. Do not embed them in browser code.
Rate policy
| Tier | Requests | Concurrent | Max file size |
|---|---|---|---|
| Starter | 100 per hour | 5 | 500 MB |
| Professional | 1,000 per hour | 50 | Unlimited |
| Enterprise | 10,000 per hour | 500 | Unlimited |
HTTP codes
200 — OK
Request succeeded.
201 — Created
Resource created.
400 — Bad Request
Invalid payload or missing field.
401 — Unauthorized
Missing or invalid token.
403 — Forbidden
Caller not allowed for this vault.
404 — Not Found
Resource does not exist.
429 — Too Many Requests
Back off and retry later.
500 — Server Error
Unexpected failure on our side.
Need help or another SDK?
We support REST in any language. Ask for a new SDK, a security review, or guidance for exam day rehearsals.