vaultdrop / sdk
VaultDrop PHP SDK — AES-256-GCM (compatible with the web app) and HTTP client for creating secure links
Maintainers
Requires
- php: ^8.1
- ext-json: *
- ext-openssl: *
- guzzlehttp/guzzle: ^7.8
Requires (Dev)
- phpunit/phpunit: ^10.5
This package is not auto-updated.
Last update: 2026-05-12 20:34:06 UTC
README
PHP library for VaultDrop: AES-256-GCM in the same format as the web app and the @vaultdrop/sdk JavaScript package, plus HTTP helpers to create secure links via the API.
Plaintext and keys stay on your machine; the API only receives ciphertext.
Requirements
- PHP 8.1+
- Extensions: openssl, json
- A VaultDrop API token and workspace id (from the dashboard or
GET /api/user).
Install
Local path (monorepo)
{
"repositories": [
{
"type": "path",
"url": "../VPPackage-PHP"
}
],
"require": {
"vaultdrop/sdk": "@dev"
}
}
Packagist
When published:
composer require vaultdrop/sdk
Usage
use Vaultdrop\Sdk\VaultDropClient;
$client = new VaultDropClient(
apiKey: getenv('VAULTDROP_API_KEY') ?: '',
workspaceId: 'ws-…',
options: [
// 'baseUrl' => 'https://api.vaultdrop.io',
// 'apiPrefix' => '/api/v1',
// 'shareUrlPrefix' => 'https://vaultdrop.io/en/view',
],
);
$result = $client->createSecureLink(
text: 'Secret message',
expiresAt: new DateTimeImmutable('+24 hours'),
);
echo $result->url; // Full share URL with #k=… fragment
echo $result->expiresAt->format(DATE_ATOM);
With attachments:
use Vaultdrop\Sdk\FileInput;
$result = $client->createSecureLink(
text: 'See attachment',
expiresAt: new DateTimeImmutable('+1 day'),
files: [
new FileInput(
name: 'notes.txt',
data: file_get_contents('/path/to/notes.txt') ?: '',
mimeType: 'text/plain',
),
],
);
Crypto only
Use Vaultdrop\Sdk\Crypto for the same JSON payload and file blob layout as the browser SDK (encryptPlaintextToBundle, encryptSecretBundle, decryptPayloadToPlaintext, decryptBinaryFileCiphertext).
API keys
Do not embed production API keys in public client code. Prefer a server you control that holds the token and calls this library.
License
MIT