API Reference Coffrify v#0.9.0

Official Elixir client for the Coffrify API.

Low-level HTTP client used by every resource module.

Errors raised by the Coffrify SDK.

HTTP 400 — request was malformed.

Raised when the local circuit breaker is open and rejects the request.

HTTP 409 — current state forbids the action (e.g. duplicate key).

HTTP 403 — API key valid but lacks the required scope/plan.

Raised at client construction when the API key has an unknown prefix.

HTTP 404 — resource does not exist or is not visible to your key.

HTTP 429 — workspace exceeded its API rate limit.

HTTP 5xx — upstream Coffrify server error. Safe to retry.

Network-level failure (timeout, TCP reset, TLS error, DNS).

HTTP 401 — API key missing, malformed, or revoked.

HTTP 422 — request was well-formed but semantically invalid.

Drop-in Phoenix controller mixin for handling Coffrify webhooks.

Plug that verifies a Coffrify webhook signature and assigns the parsed event to conn.assigns[:coffrify_event].

Alert rules — fire on download count, rate, failed password, geo, expiration.

Workspace analytics — counts, storage, bandwidth, top transfers.

API keys — cof_* strings used to authenticate Coffrify API requests.

Delegated upload tokens — single-use credentials minted server-side and handed to client uploaders. Distinct from Coffrify.Resources.ApiKeys.

Audit log — every privileged action in the workspace.

Stripe-backed billing — subscription, usage, address, portal/checkout links.

Workspace branding — colors, logos, footer, Slack/Discord/Teams webhooks.

Public Coffrify changelog — features, fixes, security, perf.

Coffres — mini document vaults bundling transfers + external links.

Collections — public landing pages bundling multiple transfers.

Custom domains — CNAME → coffrify.fr aliasing for branded share URLs.

Per-transfer download log.

Folders — organize transfers in named buckets.

GDPR exports — Art. 20 portability.

GDPR extras — deletion, consent log, retention policy, acceptances.

One-shot, pre-authenticated download URLs.

Marketing and public-surface endpoints — newsletter, blog, docs, legal, pricing, subprocessors, DPO contact.

Workspace members + invitations.

Multi-factor authentication — status, enrollment, recovery codes.

Per-user notification preferences.

Workspace quotas — storage, bandwidth, active transfers, throughput.

Address book — saved recipient emails.

Request inboxes — drop-box endpoints that collect files from third parties.

Persistent shared spaces (Coffrify Rooms).

SCIM 2.0 — user provisioning tokens and audit log (Enterprise plan).

User sessions — devices, IPs, MFA status.

SAML 2.0 SSO configuration (Enterprise plan).

Public Coffrify status page — services + incidents.

Transfer templates — reusable presets for expiration, password, geo, watermark.

Transfers — Coffrify's core file-sharing primitive.

Webhook extras — delivery deep-inspection, search, health metrics.

Webhook subscriptions.

Workspace extras — transfer-email, activity feed, status subscribe, global search, transfer export, health score, tier recommendation.

A GenServer-based circuit breaker that guards a remote endpoint from cascading failure.

Behaviour for Idempotency-Key persistence — survives crashes between retry attempts.

In-memory idempotency store backed by an Agent. Process-local only — use this for tests, single-process apps, or as a development default.

Redis-backed idempotency store. Pass any Redix-compatible PID (or registered name) under :conn.

Stream-based pagination — works for every { data: [...], has_more, next_cursor } list endpoint.

Client-side rate limiting. Use to stay below plan caps without hitting 429s.

Leaky bucket — paces requests at a steady drain rate. Rejects with {:error, :overflow} when the queue is saturated.

Classic token bucket. Allows bursts up to capacity and refills at refill_per_second tokens/second.

Pluggable retry policies used by Coffrify.Client and exposed for user code.

AWS-style decorrelated jitter — smoother than vanilla exponential. Holds the last computed delay in process state via the closure.

Exponential backoff with jitter: base * 2^attempt, capped at max_delay_ms. Honors a server-supplied Retry-After when present.

Fibonacci-spaced backoff — softer than exponential, friendly to busy endpoints (1, 1, 2, 3, 5, 8, 13, …).

Fixed delay between attempts.

Behaviour every retry policy must implement.

Thin wrappers around :telemetry.execute/3.

Replay-protection store for webhook deliveries — prevents double-processing when a sender retries a delivery.

In-memory replay store. Process-local; suitable for single-node deployments or tests.

Redis-backed replay store. Atomic SET NX EX across nodes.

Test helpers for apps consuming the Coffrify Elixir SDK.

Minimal but realistic response fixtures for tests. All builders accept a map of overrides that is shallow-merged into the default.

Static catalog of every Coffrify webhook event. Mirrors the JS catalog bundled with @coffrify/sdk and the server endpoint GET /v1/webhooks/events.

Verify Coffrify webhook signatures.