# Session less usage of the API key with remote decryption

# Preamble

Psono allows to access secrets with simple tools like for example curl. In addition to the possibility to allow the server to handle the decryption, psono allows you to filter the content. This makes it very simple to retrieve e.g. passwords with curl without the need to handle the returned json object.

WARNING

We highly discourage the usage of the session less usage with remote decryption.

# Example with cURL

curl -X POST \
  https://example.com/server/api-key-access/secret/ \
  -H 'content-type: multipart/form-data' \
  -F api_key_id=5e...af \
  -F secret_id=e4...d9 \
  -F api_key_secret_key=fd...31

Returns the decrypted and json encoded secret.

# Example with cURL and json_filter

You can filter that json on the server to only return parts of it (e.g. only the password) by providing a "json_filter". which is a dot separated path to the desired element.

e.g. only "website_password_password" or "website_password_note.something"

The request would look like this:

curl -X POST \
  https://example.com/server/api-key-access/secret/ \
  -H 'content-type: multipart/form-data' \
  -F api_key_id=5e...af \
  -F secret_id=e4...d9 \
  -F api_key_secret_key=fd...31 \
  -F json_filter=website_password_password.something