Zap Integrate: Our new Shopify product automation tool that helps you manage thousands of products effortlessly. Learn more

CDR API Documentation


Comprehensive guides and references for integrating our Content Disarm and Reconstruct service.


Getting Started Authentication API Endpoints Supported Formats Error Handling Code Examples Limitations Support
Back to Product Page

Getting Started

The Red Eagle Tech Content Disarm and Reconstruct (CDR) API allows you to scan and sanitise documents to remove potential security threats while preserving document functionality.

What you'll need

  • An API key (obtain by subscribing to one of our plans)
  • Your API secret (for generating HMAC signatures)
  • Basic understanding of REST APIs
All API requests must be made over HTTPS. Calls over plain HTTP will fail.

Authentication

The CDR API uses API keys and HMAC signatures to authenticate requests.

Headers required for authentication:
Header Description Example
X-API-Key Your API key ret_cdr_5f8d3a7b9c
X-Timestamp Current UTC timestamp (Unix format) 1617184126
X-Signature HMAC SHA-256 signature of the request a1b2c3d4e5f6...
Generating signatures:

The signature is a HMAC SHA-256 hash of a string combining:

  1. HTTP method (e.g., "POST")
  2. Request path (e.g., "/v1/documents")
  3. API key
  4. Timestamp
  5. Request body (if applicable)
Example signature generation (Pseudocode)
string stringToSign = httpMethod + "\n" + 
                    requestPath + "\n" + 
                    apiKey + "\n" + 
                    timestamp + "\n" + 
                    requestBodyHash;

signature = HMAC-SHA256(apiSecret, stringToSign);

API Endpoints

Upload Document

POST /v1/documents

Upload a document for processing.

Request

Multipart form data with the following parameters:

  • file - The document file to process
  • options (optional) - JSON string of processing options
Response
{
  "documentId": "7f8d3a7b9c6e5d4f",
  "status": "processing",
  "uploadedAt": "2025-04-10T14:22:31Z"
}
Check Status

GET /v1/documents/{documentId}

Check the processing status of a document.

Response
{
  "documentId": "7f8d3a7b9c6e5d4f",
  "status": "completed",
  "uploadedAt": "2025-04-10T14:22:31Z",
  "completedAt": "2025-04-10T14:23:15Z",
  "sanitisedDocumentUrl": "https://example-url.redeagle.tech/v1/documents/7f8d3a7b9c6e5d4f/download"
}
Download Sanitised Document

GET /v1/documents/{documentId}/download

Download the sanitised document.

Response

The sanitised document file as a binary stream.

Supported File Formats

Our CDR service supports a wide range of document formats commonly used in business environments. The following table lists all currently supported file types:

File Category File Type File Extensions
Documents Microsoft Word 97-2003 DOC, DOT
Microsoft Word 2007 and later DOCX, DOCM, DOTX, DOTM
Spreadsheets Microsoft Excel 97-2003 XLS
Microsoft Excel 2007 and later XLSX, XLSB, XLSM, XLTX, XLTM, XLAM
Presentations Microsoft PowerPoint 97-2003 PPT, PPS, POT, PPA
Microsoft PowerPoint 2007 and later PPTX, PPTM, POTX, POTM, PPAM, PPSX, PPSM
Other Adobe PDF (all versions) PDF
Adobe FDF FDF
Our CDR service is regularly updated to support additional file formats. If you require processing for a file type not listed here, please contact our support team to discuss your requirements.

Error Handling

The API uses standard HTTP status codes and returns errors in JSON format.

Common Error Codes:
Status Code Description
400 Bad Request - Invalid parameters or file format
401 Unauthorized - Invalid API key or signature
403 Forbidden - Insufficient permissions or rate limit exceeded
404 Not Found - Document ID not found
413 Payload Too Large - File exceeds size limit
500 Internal Server Error - Something went wrong on our end
Error Response Format:
{
  "error": {
    "code": "invalid_file_format",
    "message": "The provided file format is not supported",
    "details": "Only Office documents and PDFs are supported"
  }
}

Code Examples

// C# Example - Upload document and download sanitised version
using System;
using System.IO;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

public async Task ProcessDocumentExample()
{
    string apiKey = "your_api_key";
    string apiSecret = "your_api_secret";
    string baseUrl = "https://example-url.redeagle.tech/v1";
    string filePath = "path/to/document.docx";

    // Create HTTP client
    using var httpClient = new HttpClient();

    // Upload document
    var uploadResponse = await UploadDocument(httpClient, baseUrl, apiKey, apiSecret, filePath);
    string documentId = uploadResponse.DocumentId;

    // Poll for completion
    string sanitisedDocumentUrl = null;
    while (true)
    {
        var statusResponse = await CheckStatus(httpClient, baseUrl, apiKey, apiSecret, documentId);
        if (statusResponse.Status == "completed")
        {
            sanitisedDocumentUrl = statusResponse.SanitisedDocumentUrl;
            break;
        }
        else if (statusResponse.Status == "failed")
        {
            throw new Exception("Document sanitisation failed");
        }

        await Task.Delay(2000); // Poll every 2 seconds
    }

    // Download sanitised document
    await DownloadDocument(httpClient, sanitisedDocumentUrl, apiKey, apiSecret, "sanitised_document.docx");
}

// Additional methods for upload, status check, and download would be implemented here

// JavaScript Example - Upload document and download sanitised version
const processDocument = async () => {
  const apiKey = 'your_api_key';
  const apiSecret = 'your_api_secret'; 
  const baseUrl = 'https://example-url.redeagle.tech/v1';

  // Create form data with file
  const formData = new FormData();
  const fileInput = document.getElementById('fileInput');
  formData.append('file', fileInput.files[0]);

  // Upload document
  const timestamp = Math.floor(Date.now() / 1000).toString();
  const signature = generateSignature('POST', '/v1/documents', apiKey, apiSecret, timestamp);

  const uploadResponse = await fetch(`${baseUrl}/documents`, {
    method: 'POST',
    headers: {
      'X-API-Key': apiKey,
      'X-Timestamp': timestamp,
      'X-Signature': signature
    },
    body: formData
  });

  const uploadResult = await uploadResponse.json();
  const documentId = uploadResult.documentId;

  // Poll for completion
  let sanitisedDocumentUrl = null;
  while (true) {
    const statusResponse = await checkStatus(baseUrl, apiKey, apiSecret, documentId);

    if (statusResponse.status === 'completed') {
      sanitisedDocumentUrl = statusResponse.sanitisedDocumentUrl;
      break;
    } else if (statusResponse.status === 'failed') {
      throw new Error('Document sanitisation failed');
    }

    // Wait 2 seconds before polling again
    await new Promise(resolve => setTimeout(resolve, 2000));
  }

  // Download sanitised document
  window.location.href = sanitisedDocumentUrl;
};

// Additional functions for authentication and status checks would be implemented here

# Python Example - Upload document and download sanitised version
import requests
import time
import hmac
import hashlib
import os
from datetime import datetime

def process_document(api_key, api_secret, file_path):
    base_url = "https://example-url.redeagle.tech/v1"

    # Upload document
    with open(file_path, 'rb') as f:
        timestamp = str(int(time.time()))
        signature = generate_signature("POST", "/v1/documents", api_key, api_secret, timestamp)

        headers = {
            'X-API-Key': api_key,
            'X-Timestamp': timestamp,
            'X-Signature': signature
        }

        files = {'file': f}
        response = requests.post(f"{base_url}/documents", headers=headers, files=files)
        response.raise_for_status()

        document_id = response.json()['documentId']

    # Poll for completion
    sanitised_document_url = None
    while True:
        status_response = check_status(base_url, api_key, api_secret, document_id)

        if status_response['status'] == 'completed':
            sanitised_document_url = status_response['sanitisedDocumentUrl']
            break
        elif status_response['status'] == 'failed':
            raise Exception("Document sanitisation failed")

        time.sleep(2)  # Poll every 2 seconds

    # Download sanitised document
    download_document(sanitised_document_url, api_key, api_secret, "sanitised_document.docx")

# Additional functions for authentication, status checks, and download would be implemented here

Limitations

  • File Size: Varies by plan tier
  • Rate Limits: Varies by plan tier
  • Storage: Configurable. Sanitised files can be retained securely for up to 7 days for support purposes, if required
  • Formats: Limited to the file types listed in the supported file formats section

Support

If you need assistance with the CDR API, you can:

Email Support

Contact our technical team

support@redeagle.tech
Knowledge Base

Browse our detailed guides

Visit Knowledge Base
Phone Support

Available for Enterprise plan

+44 (0)20 8044 3221

Ready to get started?

Contact us today to set up your CDR API account and start protecting your documents.

Request free consultation

Our partners

Microsoft Partner logo
CrowdStrike logo
Check Point logo
NinjaOne logo
QuickBooks logo
Shopify Partners logo
Axcient logo
Perimeter 81 logo