RESTAPI:Revoking a Transfer

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche
Minimum REST API Version
This endpoint requires at least the Cryptshare REST API version 1.10.
Please note that the Cryptshare Server only allows this operation for a verified sender email address (see Verification).

With this endpoint, a sender of a sent transfer is able to make this transfer inaccessible. After performing the revocation, the transfer files will be deleted from the Cryptshare server and cannot be downloaded anymore. By default, the sender and the recipient will receive a pre-configured revocation notifications that the transfer is now not accessible anymore. After revocation the transfer's metadata are still available on the Cryptshare server and can still be accessed via the Sender Transfer Polling endpoint.

Reasons for the need of revocations might be

  • The transfer contains outdated information and was obsoleted by a new transfer.
  • The sender chose the wrong recipient(s) for this transfer.
  • Due to security or regulatory reasons, e.g. immediately after a transfer was downloaded.


More general information regarding the revocation of transfers can be found in the Cryptshare Server documentation.

Revocation is only available for the sender of a specific transfer. This means, a sender cannot revoke a transfer from another sender.

Only transfers that are still available for recipients (transfer status: active) can be revoked. Already expired transfers cannot be revoked.


PATCH https://<your-url>/api/users/<sender email-address>/transfers/<tracking-id>

The request body
Field name Type
status TransferRevocationStatus (required)
revocationOptions TransferRevocationOptions
The TransferRevocationStatus object
Field name Value Remarks
state DELETED_BY_REVOCATION required
The TransferRevocationOptions object
Field name Value Type Remarks Default value
notifySender boolean optional true
notifyRecipients boolean optional true
message markdown string optional set via installed language pack and language from Accept-Language header

The language for the default sender and recipient revocation notification can be configured by defining a locale via the Accept-Language header for this request.