Appearance
Obfuscator API quickstart
Base URL: your Sinister host (same as SinisterClient downloads), e.g. https://app.sinistersoftworks.xyz
Auth header on all endpoints except public preset and plan lists:
X-Obf-Key: OBF-…Keys are issued by staff and start with OBF-.
List presets
http
GET /api/v1/obfuscate/presetsNo auth. Returns standard, aggressive, maximum, tier_c metadata.
Check quota
http
GET /api/v1/obfuscate/quota
X-Obf-Key: your-key-hereResponse fields: presetMax, allowedPresets, dailyJobs, jobsToday, maxBytes, totalJobs.
Submit job
http
POST /api/v1/obfuscate
Content-Type: application/json
X-Obf-Key: your-key-here
{
"source": "print('hello')",
"preset": "standard"
}Optional bind_key for tier_c preset (defaults to your API key if omitted).
Returns HTTP 202:
json
{
"jobId": "…",
"status": "queued",
"pollUrl": "/api/v1/obfuscate/jobs/…"
}Poll until ready
http
GET /api/v1/obfuscate/jobs/{jobId}
X-Obf-Key: your-key-hereStatuses: queued, processing, ready, failed.
When ready, response includes output with obfuscated Lua string.
Errors
| Code | Meaning |
|---|---|
| 401 | Missing or invalid key |
| 429 | Daily quota exhausted |
| 400 | Syntax error, empty source, or size over limit |
| 503 | Obfuscator service not running on host |
curl example
bash
curl -s -H "X-Obf-Key: YOUR_KEY" https://app.example.com/api/v1/obfuscate/quota
curl -s -X POST https://app.example.com/api/v1/obfuscate \
-H "Content-Type: application/json" \
-H "X-Obf-Key: YOUR_KEY" \
-d "{\"source\":\"print(1)\",\"preset\":\"standard\"}"Replace host and key. Poll the returned pollUrl until ready.
Staff reference: internal Obfuscator API page for admin key issuance and route wiring notes.
