Skip to main content

Authentication

All API requests require a valid API key. You can find or generate your key in Settings → API Keys.
You can only generate one API key per minute. If your key is ever leaked, you can regenerate it from the Settings page — this will immediately invalidate the old key.

Endpoint

POST https://soteria.rip/api/obfuscate
Send your Lua script as a JSON request with the code as a string under the code field, and your API key in the x-api-key header.

Request Body

{
  "code": "-- your lua source..."
}
FieldTypeDescription
codestringThe Lua script to obfuscate. Max 100KB.

Response

{
  "code": "-- obfuscated lua source...",
  "tokens": 9842
}
FieldTypeDescription
codestringThe obfuscated Lua script.
tokensnumberRemaining tokens on your account after this request.

Examples

async function obfuscate(script, apiKey) {
  const res = await fetch("https://soteria.rip/api/obfuscate", {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      "x-api-key": apiKey,
    },
    body: JSON.stringify({ code: script }),
  });

  if (!res.ok) {
    throw new Error(`Request failed: ${res.status} ${res.statusText}`);
  }

  const data = await res.json();
  console.log("Tokens remaining:", data.tokens);
  return data.code;
}

const script = `print("Hello, World!")`;
obfuscate(script, "YOUR_API_KEY").then((code) => {
  console.log(code);
});

API Key Management

Navigate to Settings → API Keys. Your key is shown there. If you haven’t generated one yet, click Generate.
If your API key is ever exposed, go to Settings → API Keys and click Generate New. Your old key is immediately invalidated. Note that you can only generate a new key once per minute.
API key generation is limited to once per minute. Script obfuscation requests are subject to your account’s token balance — each request deducts one token per obfuscation.