Sign in, create a key, copy a command. The API controls rooms and receipts; file bytes still move directly between browsers over WebRTC.
No signup. We mint a key bound to this device fingerprint + IP. Rate-limit applies per fingerprint, not per account. Send it as Authorization: Bearer <key> for protected Clex api routes.
—
Copy these in order. The key command updates automatically after you create a key.
# 01. Save your API key
export CLEX_API_KEY='<YOUR_API_KEY>'
# 02. Upload a file via API
curl -X POST https://clex.in/vault/api/uploads \
-H "Authorization: Bearer $CLEX_API_KEY" \
-H "X-Filename: report.pdf" \
--data-binary @report.pdf
import os, requests
# Read file bytes and POST directly to Clex private upload
with open("report.pdf", "rb") as f:
r = requests.post(
"https://clex.in/vault/api/uploads",
headers={
"Authorization": f"Bearer {os.getenv('CLEX_API_KEY')}",
"X-Filename": "report.pdf",
"X-Expires-In": "86400",
},
data=f,
)
r.raise_for_status()
print(f"Share URL: {r.json()['shareUrl']}")
import { readFile } from 'node:fs/promises';
// Read file and POST directly to Clex API upload
const fileBuffer = await readFile('report.pdf');
const res = await fetch('https://clex.in/vault/api/uploads', {
method: 'POST',
headers: {
'Authorization': `Bearer ${process.env.CLEX_API_KEY}`,
'X-Filename': 'report.pdf',
},
body: fileBuffer,
});
if (!res.ok) throw new Error(`Upload failed: ${res.status}`);
const { shareUrl } = await res.json();
console.log(`Share URL: ${shareUrl}`);
Sign in once with Google, mint a key on your account page, then upload files with a single HTTP call. Each account can keep five active unlimited keys; revoke old keys before creating new ones.
/vault/api/uploads
Stable
Upload a file using a Bearer API key. Returns a share URL, an internal id, and rate-limit headers (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset). The body is the raw file bytes; metadata travels in headers (X-Filename, optional X-Expires-In).
# curl
curl -X POST https://clex.in/vault/api/uploads \
-H "Authorization: Bearer clex_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
-H "X-Filename: report.pdf" \
-H "X-Expires-In: 86400" \
--data-binary @report.pdf
{
"id": "ap_…",
"shareToken": "K9M3JX72A8DR",
"shareUrl": "https://clex.in/share/K9M3JX72A8DR",
"downloadUrl": "https://…signed-supabase-url…",
"size": 524288,
"expiresAt": 1714972800
}
/vault/api/uploads
Python
import os, requests
with open("report.pdf", "rb") as f:
r = requests.post(
"https://clex.in/vault/api/uploads",
headers={
"Authorization": f"Bearer {os.environ['CLEX_API_KEY']}",
"X-Filename": "report.pdf",
"X-Expires-In": "86400",
},
data=f,
)
r.raise_for_status()
print(r.json()["shareUrl"])
/vault/api/uploads
Node / fetch
import { readFile } from 'node:fs/promises'
const body = await readFile('report.pdf')
const res = await fetch('https://clex.in/vault/api/uploads', {
method: 'POST',
headers: {
Authorization: `Bearer ${process.env.CLEX_API_KEY}`,
'X-Filename': 'report.pdf',
'X-Expires-In': '86400',
},
body,
})
if (!res.ok) throw new Error(`upload failed: ${res.status}`)
const { shareUrl } = await res.json()
console.log(shareUrl)
/vault/api/uploads
Stable
List uploads owned by the authenticated user. Authenticate via Bearer key (returns only that key's uploads) or X-Vault-UID (returns everything).
curl https://clex.in/vault/api/uploads \
-H "Authorization: Bearer $CLEX_API_KEY"
/vault/api/uploads/:id
Stable
Revoke an upload. Subsequent share-link hits return 410.
curl -X DELETE https://clex.in/vault/api/uploads/ap_xxx \
-H "Authorization: Bearer $CLEX_API_KEY"
X-Expires-In in seconds.Import our docs into your LLM, or run our WebRTC-based CLI tools directly from your terminal.
One click to prompt ChatGPT, Claude, or Cursor with any API reference.
Let your AI agent orchestrate local and direct transfers in the shell.
Orchestrates rooms, authenticates secure keys, and stores upload metadata. No raw file bytes are kept on Clex servers.
Facilitates peer discovery by relaying WebRTC handshake offers, answers, and ICE routing descriptors in real-time.
Pipes file data chunks directly between user devices (browser-to-browser), preserving client privacy and encryption.
Open the workspace, send a file, then use the API page for developer access.