The two-minute version
- Generate an API key in Settings then API keys (it starts with
fsk_). - Add the
fileseal-sendMCP server to your agent, or send onecurlto the REST API. - The agent calls
secure_send; FileSeal encrypts the file and returns a one-time link. - Relay the link. It opens once, then the file is permanently deleted, with the collection logged.
Prefer to read the reference first? See the Secure Send API docs or the developer overview.
Why Agents Need a Secure Hand-Off
As agents move from answering questions to doing work, they start producing files a person actually needs to keep: a drafted contract, a financial summary, an extract from an identity document, a medical letter. At that point the agent faces a problem every developer eventually hits. How do you get the file out, to a specific human, without leaving it lying around?
The default answers are all weak. Pasting the contents into a chat window or an email puts sensitive data into systems that keep it indefinitely and forward it freely. A raw presigned storage URL is better, but it has no expiry by design, can be opened any number of times, and leaves no record of who collected it or when. None of these were built to hand a regulated document to one person and then forget it ever existed.
A secure hand-off needs four things: the file is encrypted before it leaves the machine, the link works exactly once, the file is deleted after collection, and the whole exchange is logged. FileSeal’s Secure Send API gives an agent that channel in a single tool call, so the agent never has to implement encryption, expiry, or deletion itself.
Give your agent a secure send tool
A one-time, AES-256 encrypted, auto-deleting link from a single tool call or REST request. UK-hosted, with an audit trail.
Set It Up in Two Minutes
Step 1: Generate an API key
Create a FileSeal account, then open Settings then API keys and generate a key. The full secret is shown only once, so copy it straight into your environment as FILESEAL_API_KEY. Treat it like a password: it can create sends on your account. You can revoke any key from the same screen, and a revoked key stops working immediately.
Step 2 (MCP): Add the fileseal-send server
Register the fileseal-sendMCP server in your agent’s config. Set both the key and the base URL, otherwise the server points at localhost:
{
"mcpServers": {
"fileseal-send": {
"command": "node",
"args": ["mcp/fileseal-send/index.mjs"],
"env": {
"FILESEAL_API_KEY": "fsk_your_key_here",
"FILESEAL_API_BASE_URL": "https://fileseal.uk"
}
}
}
}That is the whole integration. The server exposes three tools: secure_send to encrypt a file and create the send, send_status to check status and audit events, and revoke_send to cancel a send before it is opened. The server does the client-side encryption for you, so the agent just points at a file and gets back a link.
Step 2 (REST): Or send one request
Not using MCP? Encrypt the file client-side, base64-encode the ciphertext, and POST it. The response gives you the claim link, the expiry, and the seal id:
curl -X POST https://fileseal.uk/v1/sends \
-H "Authorization: Bearer $FILESEAL_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"deliveryMode": "link",
"expiryHours": 48,
"files": [{
"filename": "summary.pdf",
"mimeType": "application/pdf",
"ciphertextBase64": "<[12-byte IV][AES-GCM ciphertext], base64>"
}]
}'Step 3: Relay the link
In the default link mode the response is the base claim URL, and the AES key lives in the link’s #k= fragment. The MCP tool assembles the full link for you; over REST you append the fragment yourself, so FileSeal never receives the key. Hand that link to the recipient through whatever channel you like. They click it once, the file decrypts in their browser, and it is gone from FileSeal straight after.
How the File Stays Secure
The file is encrypted with AES-GCM-256 before it is uploaded, so the bytes that reach FileSeal are already ciphertext. The link works once: after the first download the seal is burned and the file is permanently deleted, not just hidden. Every send and every collection is written to an audit trail you can read back through send_status. And everything is hosted in the UK (London), so the data never leaves the jurisdiction.
Link mode vs email mode (stated honestly)
The API and MCP server default to link mode, which is zero-knowledge: the key stays in the link fragment, browsers never send fragments to the server, so FileSeal stores ciphertext it genuinely cannot read. Your agent relays the link.
If you would rather FileSeal emailed the recipient a working link, pass deliveryMode: "email" with a recipient address. That is still AES-256 encrypted and safe from outsiders, but in that mode FileSeal holds the key so it can build the email, so it is not zero-knowledge. Same encryption, different key custody. Choose per send.
What the agent gets, per send
- Client-side AES-GCM-256 encryption, zero-knowledge by default
- One-time link that auto-deletes the file after collection
- Configurable expiry from 1 to 168 hours (default 48)
- A readable audit trail of every send and collection
- UK hosting (London), so data stays in jurisdiction
Frequently Asked Questions
How do I let an AI agent send a file securely?
Add the fileseal-send MCP server to your agent and call its secure_send tool, or call POST https://fileseal.uk/v1/sends directly. Either way the recipient gets a one-time, AES-256 encrypted link that auto-deletes after download.
Is the file zero-knowledge?
By default, yes. Link mode keeps the key in the link fragment, so FileSeal stores ciphertext it cannot read. The opt-in email mode stores the key so FileSeal can email a working link; it is the same encryption with different key custody.
What file types and sizes are supported?
PDF, DOC, DOCX, TXT, JPG and PNG, up to 10 MB per file and 10 files per send. In this first release the encrypted payload is sent inline, so the practical per-request ceiling is the platform body limit; a scoped upload for larger files is on the roadmap.
Can I cancel a send before it is opened?
Yes. Call revoke_send (or DELETE /v1/sends/:id). It deletes the stored ciphertext and marks the send revoked. If the recipient has already collected the file, the call reports that instead.
Keep reading
- Secure Send API documentation. The full REST and MCP reference: auth, endpoints, encryption and errors.
- Developer overview. What the Secure Send API does and why agents need it.
- Get a Link vs Email Them. The same key-custody choice, explained for non-developers.
Ship a secure file hand-off for your agent
One tool call returns a one-time, AES-256 encrypted, auto-deleting link. UK-hosted, audited, zero-knowledge by default.
Written by the FileSeal security and compliance team. We specialise in document security, GDPR compliance, and data protection for UK professionals. Our guides are reviewed by industry practitioners and updated regularly.