FileSealFileSeal
Developer API + MCP server

Send files securely from your app or AI agent

Deliver a file to a person as a one-time, encrypted, auto-deleting download link, over a REST API and an MCP server. UK-hosted, with an audit trail and a zero-knowledge option.

Get an API keyRead the docs

What the Secure Send API does

AI agents and backends increasingly produce sensitive files: contracts, KYC extracts, medical letters, financial summaries. Dropping them into chat or a plain email is not safe, and a raw presigned URL has no expiry, no one-time access and no audit. FileSeal gives you a compliant secure-egress channel in one request.

Encrypted

AES-GCM-256. A one-click zero-knowledge mode keeps the key out of FileSeal entirely.

One-time + expiring

The link opens once, then the file is permanently deleted. Set an expiry from 1 to 168 hours.

Audited + UK-hosted

Every send and collection is logged. Hosted in the UK (London), GDPR-ready.

MCP-native

Agents call it as a tool via the fileseal-send MCP server. No glue code.

Send a file in one request

Encrypt the file on your side, then create the send. In link mode you relay the returned#k= link to the recipient and FileSeal never receives the key.

REST

curl -X POST https://fileseal.uk/v1/sends \
  -H "Authorization: Bearer $FILESEAL_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "deliveryMode": "link",
    "files": [{
      "filename": "contract.pdf",
      "mimeType": "application/pdf",
      "ciphertextBase64": "<AES-GCM ciphertext, base64>"
    }]
  }'

MCP server (.mcp.json)

{
  "mcpServers": {
    "fileseal-send": {
      "command": "node",
      "args": ["mcp/fileseal-send/index.mjs"],
      "env": {
        "FILESEAL_API_KEY": "${FILESEAL_API_KEY}",
        "FILESEAL_API_BASE_URL": "https://fileseal.uk"
      }
    }
  }
}

Then your agent calls the secure_send tool; it encrypts locally and returns the share link.

Encryption and the zero-knowledge option

Default: link / zero-knowledge (most private)

The AES key lives only in the link’s #k=fragment, which browsers never send to the server, so FileSeal stores ciphertext it cannot read. You relay the link to the recipient.

Opt-in: email delivery

Pass deliveryMode: "email" and FileSeal holds the key so it can email the recipient a working one-time link. Encrypted and safe from outsiders, not zero-knowledge from FileSeal.

Start sending in minutes

Create an account, generate an API key in Settings, and make your first secure send. Free to evaluate.

Get an API key API documentation