# ROOTKey ## Docs - [Authentication](https://docs.rootkey.ai/api-reference/auth.md) - [Errors](https://docs.rootkey.ai/api-reference/errors.md): Troubleshooting has never been easier than with this guide. - [API Overview](https://docs.rootkey.ai/api-reference/overview.md): Everything you need to integrate with ROOTKey - base URL, authentication, versioning, and where to find what. - [Analyse creation of vaults over time](https://docs.rootkey.ai/api-reference/platform/endpoint/analytics/analyse-creation-of-vaults-over-time.md): Vaults creation over time - [Analyse files x validations](https://docs.rootkey.ai/api-reference/platform/endpoint/analytics/analyse-files-x-validations.md): Analytics relating files and validations - [Create a new file](https://docs.rootkey.ai/api-reference/platform/endpoint/files/create-file.md) - [Create new file version](https://docs.rootkey.ai/api-reference/platform/endpoint/files/create-file-versions.md) - [Get file by ID](https://docs.rootkey.ai/api-reference/platform/endpoint/files/get-file-by-id.md) - [List file versions](https://docs.rootkey.ai/api-reference/platform/endpoint/files/get-file-versions.md) - [List files from a vault](https://docs.rootkey.ai/api-reference/platform/endpoint/files/get-files.md) - [File action history](https://docs.rootkey.ai/api-reference/platform/endpoint/files/get-files-history.md) - [File validation history](https://docs.rootkey.ai/api-reference/platform/endpoint/files/get-files-validations.md) - [Transfer file to another vault](https://docs.rootkey.ai/api-reference/platform/endpoint/files/transfer-file.md) - [Validate file](https://docs.rootkey.ai/api-reference/platform/endpoint/files/validate-file.md): Validate the integrity, authenticity and ownership of a file by comparing it with a trusted version - [Records](https://docs.rootkey.ai/api-reference/platform/endpoint/records/overview.md): Individual record management within ROOTKey tables. Create, validate, and retrieve records with full integrity anchoring and version history. - [Get recovery operation](https://docs.rootkey.ai/api-reference/platform/endpoint/recovery/get-recovery-details.md): Returns the details and current status of a specific recovery operation. - [Recovery audit log](https://docs.rootkey.ai/api-reference/platform/endpoint/recovery/get-recovery-history.md): Returns the full audit log of recovery operations performed within the workspace - who requested each recovery, when, and the outcome. - [List recoverable items](https://docs.rootkey.ai/api-reference/platform/endpoint/recovery/list-recoverable-items.md): Returns all soft-deleted vaults and files within the workspace that are eligible for recovery. Items are retained in a recoverable state for a configurable retention window before permanent deletion. - [Recover a file](https://docs.rootkey.ai/api-reference/platform/endpoint/recovery/recover-file.md): Restores a soft-deleted file to its vault. All versions of the file are restored. The file's blockchain anchors remain valid - the on-chain integrity proofs were not affected by deletion. - [Recover a vault](https://docs.rootkey.ai/api-reference/platform/endpoint/recovery/recover-vault.md): Restores a soft-deleted vault to active status. All files and records within the vault are restored. The vault's blockchain anchors and integrity proofs are unaffected - blockchain records are immutable and were never deleted. - [Get healthz](https://docs.rootkey.ai/api-reference/platform/endpoint/status/get-healthz.md): Check the status of the API on the selected version - [Create vault](https://docs.rootkey.ai/api-reference/platform/endpoint/vaults/create-vault.md): Create a new vault - [Deactivate vault](https://docs.rootkey.ai/api-reference/platform/endpoint/vaults/deactivate-vault.md): Deactivate a vault - [Delete vault](https://docs.rootkey.ai/api-reference/platform/endpoint/vaults/delete-vault.md): Delete a vault - [Reactivate vault](https://docs.rootkey.ai/api-reference/platform/endpoint/vaults/reactivate-vault.md): Reactivate a vault - [Update vault](https://docs.rootkey.ai/api-reference/platform/endpoint/vaults/update-vault.md): Update a vault - [Status](https://docs.rootkey.ai/api-reference/status.md): Check the status of the API on the selected version - [EU AI Act](https://docs.rootkey.ai/compliance/eu/ai-act.md): How ROOTKey helps AI providers and deployers meet the record-keeping, logging, conformity documentation, and audit trail requirements of the EU Artificial Intelligence Act (EU 2024/1689). - [CSDDD - EU Supply Chain Due Diligence](https://docs.rootkey.ai/compliance/eu/csddd.md): How ROOTKey helps companies meet the supply chain provenance, traceability, and due diligence documentation requirements of the Corporate Sustainability Due Diligence Directive. - [DORA - Digital Operational Resilience Act](https://docs.rootkey.ai/compliance/eu/dora.md): How ROOTKey helps financial entities meet the ICT risk management, incident management, and third-party risk requirements of DORA (EU 2022/2554). - [eIDAS 2.0](https://docs.rootkey.ai/compliance/eu/eidas.md): How ROOTKey's blockchain anchoring aligns with the qualified electronic timestamp requirements of eIDAS 2.0 - providing legally recognised time-of-existence proof for digital records. - [GDPR / RGPD](https://docs.rootkey.ai/compliance/eu/gdpr.md): How ROOTKey supports GDPR compliance - integrity and confidentiality of personal data, security of processing, breach notification evidence, and GDPR-compatible off-chain erasure. - [NIS2 Directive](https://docs.rootkey.ai/compliance/eu/nis2.md): How ROOTKey helps Essential and Important entities meet the cybersecurity risk management, audit, and incident reporting requirements of the NIS2 Directive (EU 2022/2555). - [IEC 62443](https://docs.rootkey.ai/compliance/international/iec-62443.md): How ROOTKey addresses the data integrity and audit logging requirements of IEC 62443 for Industrial Automation and Control Systems (IACS) - without disrupting OT network architecture. - [ISO 27001](https://docs.rootkey.ai/compliance/international/iso-27001.md): How ROOTKey maps to the logging, record protection, and configuration management controls of ISO/IEC 27001:2022 - supporting certification and audit evidence requirements. - [ISO 28000](https://docs.rootkey.ai/compliance/international/iso-28000.md): How ROOTKey supports ISO 28000:2022 supply chain security management system requirements - providing tamper-evident custody records and multi-party traceability. - [PCI-DSS v4.0](https://docs.rootkey.ai/compliance/international/pci-dss.md): How ROOTKey addresses the audit log integrity and tamper-evidence requirements of PCI-DSS v4.0 - protecting the cardholder data environment from undetected log manipulation. - [Compliance Coverage](https://docs.rootkey.ai/compliance/overview.md): ROOTKey provides cryptographic data integrity infrastructure that addresses audit evidence, record protection, and tamper-evident logging requirements across EU law, international standards, and sector-specific regulatory frameworks. - [21 CFR Part 11](https://docs.rootkey.ai/compliance/us/21-cfr-part-11.md): How ROOTKey addresses the electronic record integrity, audit trail, and validation requirements of FDA 21 CFR Part 11 - for pharmaceutical, biotech, and medical device manufacturers submitting to the FDA. - [SOX - Sarbanes-Oxley Act](https://docs.rootkey.ai/compliance/us/sox.md): How ROOTKey supports SOX Section 302 and 404 internal control evidence requirements - providing tamper-evident, independently verifiable financial record-keeping audit trails. - [ROOTKey Documentation](https://docs.rootkey.ai/introduction.md): Enterprise cyber resilience infrastructure - blockchain-backed data integrity, validation, and audit trail APIs for critical systems. - [API Keys](https://docs.rootkey.ai/pages/api-keys.md): Generate and manage ROOTKey API keys for sandbox and production environments. Step-by-step guide for authenticating API requests. - [API Versioning](https://docs.rootkey.ai/pages/api-versioning.md): ROOTKey's API versioning policy, deprecation timelines, and guidance for staying current with platform evolution. - [Competitive Comparison](https://docs.rootkey.ai/pages/comparison.md): How ROOTKey compares to other cyber resilience, data integrity, and blockchain anchoring platforms across deployment models, integrity guarantees, sovereignty, and trust architecture. - [Concepts](https://docs.rootkey.ai/pages/concepts.md): Core terminology and data model for the ROOTKey platform - understand the building blocks before integrating. - [European Data Sovereignty](https://docs.rootkey.ai/pages/data-sovereignty.md): ROOTKey's infrastructure stack, sovereignty levels by deployment configuration, and the 100% EU-sovereign mode using EBSI and OVH - for organisations with strict data residency requirements. - [API Integration](https://docs.rootkey.ai/pages/deployment/api-integration.md): Standard REST API integration over HTTPS. The fastest path to ROOTKey for web applications, SaaS platforms, and microservices - no infrastructure overhead. - [Container Deployment](https://docs.rootkey.ai/pages/deployment/container.md): ROOTKey packaged as Docker images and Kubernetes-native Helm charts. Designed for cloud-native environments, DevOps teams, and organisations operating at infrastructure scale. - [MQTT Integration](https://docs.rootkey.ai/pages/deployment/mqtt.md): Event-driven ROOTKey integration over the MQTT protocol. Purpose-built for IoT devices, industrial systems, and real-time data pipelines where REST is not the right transport. - [Native Integrations](https://docs.rootkey.ai/pages/deployment/native.md): ROOTKey embedded directly into CRMs, ERPs, and enterprise platforms. Built to specification through ROOTKey's engineering team or certified partner network. - [On-Premise Deployment](https://docs.rootkey.ai/pages/deployment/on-premise.md): ROOTKey deployed within your own infrastructure. Full data sovereignty, network isolation, and compliance with the strictest regulatory requirements - without sacrificing platform capability. - [Deployment Methods](https://docs.rootkey.ai/pages/deployment/overview.md): ROOTKey integration and deployment models - from standard REST API to on-premise, containerised, MQTT, and native integrations. Every architecture is supported. - [Environments](https://docs.rootkey.ai/pages/environments.md): ROOTKey provides two separate API environments - a development endpoint for testing and a production endpoint for live operations. Switch by changing the base URL and API key. - [FAQ](https://docs.rootkey.ai/pages/faq.md): Answers to common questions about ROOTKey's architecture, security, integration, and pricing. - [Quickstart](https://docs.rootkey.ai/pages/overview.md): Integrate ROOTKey in under 5 minutes. Create a vault, generate an API key, and anchor your first record to the Polygon blockchain - sandbox environment, no cost. - [Pricing](https://docs.rootkey.ai/pages/pricing.md): ROOTKey uses a credit-based pricing model. Review plan notes, support availability, and enterprise options - with links to the full plan comparison. - [Protocols](https://docs.rootkey.ai/pages/protocols/overview.md): ROOTKey data processing protocols - understand the architecture, performance profile, sovereignty level, and compliance alignment of every integration model. - [RKP-1 Enhanced EU - Full On-Chain, EU Cloud](https://docs.rootkey.ai/pages/protocols/rkp-1-eu.md): Full on-chain integrity anchoring on Polygon, with all off-chain data and API processing hosted on OVH - EU-incorporated cloud with no US parent company and no CLOUD Act exposure. - [RKP-1 - Full On-Chain](https://docs.rootkey.ai/pages/protocols/rkp-1-on-chain.md): Every operation is anchored directly to the Polygon blockchain. Maximum verifiability, immutability by design, and decentralised trust - no reliance on ROOTKey infrastructure for validation. - [RKP-1 Sovereign EU - Full On-Chain, 100% EU](https://docs.rootkey.ai/pages/protocols/rkp-1-sovereign.md): Full on-chain integrity anchoring on EBSI (European Blockchain Services Infrastructure), with all processing and storage on OVH. No data or proof leaves EU legal jurisdiction at any point. - [RKP-2 Enhanced EU - Off-Chain, EU Cloud](https://docs.rootkey.ai/pages/protocols/rkp-2-eu.md): High-frequency off-chain anchoring with all data and processing hosted on OVH - EU-incorporated cloud, no US parent company, no CLOUD Act exposure. Suitable for IoT, sensor, and high-volume EU-sovereign workloads. - [RKP-2 - Off-Chain](https://docs.rootkey.ai/pages/protocols/rkp-2-off-chain.md): High-throughput data processing with cryptographic proof anchored on-chain. Optimised for speed, volume, and cost - without sacrificing verifiability. - [RKP-2 Sovereign EU - Off-Chain, On-Premise EU](https://docs.rootkey.ai/pages/protocols/rkp-2-sovereign.md): High-frequency off-chain anchoring deployed entirely within the customer's own EU infrastructure - no data leaves the organisation's perimeter, while integrity proofs are anchored to EBSI on demand. - [RKP-3 Enhanced EU - Hybrid, EU Cloud](https://docs.rootkey.ai/pages/protocols/rkp-3-eu.md): Hybrid on-chain/off-chain anchoring on Polygon with all processing and storage on OVH - EU cloud sovereignty for mixed enterprise workloads that combine high-frequency telemetry with audit-grade on-chain records. - [RKP-3 - Hybrid](https://docs.rootkey.ai/pages/protocols/rkp-3-hybrid.md): On-chain anchoring combined with off-chain processing. Designed for complex enterprise workflows that require both auditability and performance - without compromise on either. - [RKP-3 Sovereign EU - Hybrid, 100% EU](https://docs.rootkey.ai/pages/protocols/rkp-3-sovereign.md): Hybrid on-chain/off-chain anchoring with EBSI for on-chain records and OVH for all processing and storage. No data or proof leaves EU legal jurisdiction. The highest-sovereignty configuration for mixed enterprise workloads. - [Rate Limits](https://docs.rootkey.ai/pages/rate-limits.md): API throughput limits, burst behaviour, and retry guidance for all ROOTKey plans. - [SDKs & Libraries](https://docs.rootkey.ai/pages/sdks.md): Client libraries, code examples, and integration resources for the ROOTKey API. - [Security & Trust](https://docs.rootkey.ai/pages/security-and-compliance.md): ROOTKey's security architecture, data handling practices, compliance posture, and responsible disclosure process. - [Support](https://docs.rootkey.ai/pages/support.md): Contact ROOTKey support - email, business hours, and escalation paths for platform, API, and enterprise integration questions. - [Webhooks](https://docs.rootkey.ai/pages/webhooks.md): Receive real-time HTTP notifications when asynchronous ROOTKey operations complete - blockchain anchoring, validation results, and lifecycle events. - [AI System Integrity & Auditability](https://docs.rootkey.ai/use-cases/ai-integrity.md): Anchor AI model versions, training data provenance, decision logs, and conformity assessment records - building the tamper-evident audit trail that high-risk AI systems require under the EU AI Act and enterprise governance frameworks. - [Tamper-Evident Document Management](https://docs.rootkey.ai/use-cases/document-integrity.md): Anchor documents at creation or approval and prove their integrity to any third party - without relying on a trusted intermediary or a centralised record system. - [Healthcare & Life Sciences](https://docs.rootkey.ai/use-cases/healthcare.md): Integrity-protect clinical data, trial records, and patient information at scale - with GDPR erasure compatibility and cryptographic auditability for regulatory submissions and post-market surveillance. - [IoT & Industrial Data Integrity](https://docs.rootkey.ai/use-cases/iot-industrial.md): Protect sensor data, SCADA events, and OT telemetry at source. High-frequency integrity anchoring over MQTT without disrupting existing OT network architecture. - [Use Cases](https://docs.rootkey.ai/use-cases/overview.md): How organisations use ROOTKey to enforce data integrity, meet regulatory obligations, and build trust into critical systems - with implementation guidance for each scenario. - [Regulatory Compliance & Audit Trails](https://docs.rootkey.ai/use-cases/regulatory-audit-trails.md): Build immutable, independently verifiable audit trails for NIS2, DORA, ISO 27001, and financial regulatory frameworks - evidence that holds up under adversarial scrutiny. - [Software & Artifact Integrity](https://docs.rootkey.ai/use-cases/software-integrity.md): Anchor build artifacts, container images, and release packages in CI/CD pipelines. Detect tampering between build and deployment with cryptographic evidence - and prove the integrity of every release to customers and auditors. - [Supply Chain Traceability](https://docs.rootkey.ai/use-cases/supply-chain.md): Anchor custody events and provenance data across multi-party supply chains. Any participant - including regulators - can verify product authenticity independently, without trusting any single party. ## OpenAPI Specs - [openapi-v2](https://docs.rootkey.ai/api-reference/openapi-v2.json) ## Optional - [Request a Demo](https://rootkey.ai/contact?utm_source=api_docs&utm_medium=side_bar_anchors&utm_content=demo) - [Enterprise](https://rootkey.ai/enterprise?utm_source=api_docs&utm_medium=side_bar_anchors&utm_content=enterprise)