Making Requests
Learn how to structure API requests, handle responses, and debug issues using request IDs.
Base URL
All API requests should be made to the following base URL:
https://dfir-lab.ch/api/v1Request Format
- All requests use JSON. Set
Content-Type: application/jsonon every request. - Use
POSTfor all analysis endpoints andGETfor health checks.
Required Headers
| Header | Required | Description |
|---|---|---|
Authorization | Yes | Bearer sk-dfir-your-key |
Content-Type | Yes | application/json |
Success Response Format
Every successful response wraps the result in a data object alongside a meta object containing request metadata.
{
"data": { ... },
"meta": {
"request_id": "req_abc123...",
"credits_used": 1,
"credits_remaining": 99,
"processing_time_ms": 145
}
}Error Response Format
When a request fails, the response contains an error object with a machine-readable type and code, a human-readable message, and the request ID.
{
"error": {
"type": "authentication_error",
"code": "api_key_invalid",
"message": "The API key provided is invalid",
"request_id": "req_abc123..."
}
}Response Headers
Every API response includes the following headers for tracking and rate limit management:
| Header | Description |
|---|---|
X-Request-Id | Unique request identifier |
X-RateLimit-Limit | Requests per minute allowed |
X-RateLimit-Remaining | Remaining requests in the current window |
X-RateLimit-Reset | Unix timestamp when the rate limit resets |
X-Credits-Used | Number of credits consumed by this request |
X-Credits-Remaining | Remaining credit balance after this request |
Request ID
Every API response includes a unique request_id (in both the response body and the X-Request-Id header). If you encounter unexpected behavior or need to contact support, include this identifier so we can quickly trace and debug the issue on our end.