The EchoMark API allows developers to embed forensic watermarking directly into existing applications and workflows
.png)
Organizations that take information protection seriously want forensic watermarking embedded directly into the flow of their work – in the document management platforms they’ve built, in the file-sharing workflows their teams rely upon, and in the custom applications that handle their most sensitive content. Quite simply, they want watermarking to happen automatically, at the point of distribution, without adding a separate step or tool.
Today, we’re making that straightforward. The EchoMark API is now available in multi-tenant SaaS for licensed customers. Developers can authenticate, make a call, and have a forensically watermarked document returned nearly instantly. No infrastructure to provision, no appliance to manage, and no deployment project to scope – solving the friction between protecting information and a seamless user experience. Read on to learn more.
The EchoMark API allows developers to connect applications, internal tools, and custom document workflows directly to EchoMark, leveraging the same services used by our fully-managed solutions. Using the API, build an integration that uploads documents to an existing EchoMark account and tenant, enabling programmatic retrieval of marked copies for recipients as needed.
This allows security to become a quiet infrastructure layer; for example, a law firm with a client document portal can ensure every download is uniquely protected without the attorney or client ever having to log into a separate security tool. Should a leak occur, an investigation can be started in the EchoMark web app.
Developers can begin using the API in minutes without needing to contact EchoMark directly, however an EchoMark administrator will need to create an API client in the EchoMark web application first. The general flow is outlined below and full technical details and developer resources can be found in the EchoMark support documentation.
Access: The API uses OAuth2 for authorization. To request an access token, create a Base64-encoded string with Client credentials and make a POST call to the EchoMark token endpoint. The response will contain the access token with key details and remain valid for 60 minutes.
Uploading a file: To upload a file to be marked, make a GET call to obtain a file upload URL, then upload the file to be marked to the URL provided. Files are stored securely in EchoMark’s cloud document storage and deleted once upload has been completed.
Marking the file: To request a marked copy of the uploaded file, make a POST request to the marked-copy endpoint, specifying the recipients. To determine status of marking, poll for the status of marked copies. Once marking is completed, the poll will indicate a FINISHED status, and return a URL to download the file.
Conducting an investigation: To initiate an investigation, follow the standard steps in app.echomark.com, uploading the leaked artifact, which will result in an investigation report.
Sensitive information often moves through multiple systems, including custom systems and apps, before it leaks. The EchoMark API enables forensic watermarking to be embedded directly into those applications automatically at the point of distribution. Whether that’s a law firm automating watermarking into a client document portal, a financial institution integrating watermarks into a proprietary deal-room platform, or an enterprise security team embedding attribution into an internal content distribution system – protection from information leaks is just a few API calls away.
----------
EchoMark embeds invisible, individualized watermarks into emails, documents, images, and screens. When sensitive information leaks, EchoMark identifies whose copy was leaked — in minutes, with forensic evidence.
.png)
