Stream an injectable
This endpoint streams all active injectables for a project using a License Key (not an API key). It is designed for SDKs and client runtimes that need to fetch injectables dynamically.
Injectables are returned as raw encrypted payloads (for sensitive fields), plus integrity fields you can use to verify payload authenticity before applying them.
Endpoint
GET /v1/injectable/streamAuthentication
This endpoint uses your License Key.
Required header
X-LICENSE-KEY: <your_license_key>Query Parameters
per_page
integer
No
Number of injectables per page (default: 50, max: 50)
cursor
string
No
Cursor used for pagination
Headers
X-LICENSE-KEY
Yes
Your license UUID (license key)
Accept
No
application/json
curl -X GET "https://api.devpayr.com/v1/injectable/stream?per_page=15" \
-H "X-LICENSE-KEY: YOUR_LICENSE_KEY" \
-H "Accept: application/json"curl -X GET "https://api.devpayr.com/v1/injectable/stream?per_page=15&cursor=eyJpZCI6MX0=" \
-H "X-LICENSE-KEY: YOUR_LICENSE_KEY" \
-H "Accept: application/json"{
"status": "success",
"message": "Success",
"data": {
"injectables": [
{
"slug": "js-script",
"type": "file",
"mode": "inject",
"encrypted_content": "9zqzVFr42Qep5uhlnE1jczo6TTIvcEVYVFdoeTN0NmFiWGZuYTdVT1czZ1krblJrNWlMWFc0SFNhbGxrbGlUSDkwNHdVM01oV2pRT0ptaDVNV2c2ZmFVQVh2L3IvMVZjM2VmTkZXcmtyZEpKRUN4ZVo4YkxQeVB4SjZ5VVFqS2Z1eDk1bUQ2SWRDTDBFbzRPbHRtd1dQTkl3c1h3NFloakdpTFdZc2FhSlRqZmxXWEV6N0tmNktCUXdDaEpINGNHOUtJTGc3Q2ZudWtlTzdnNUVjbWpkbFlpNWlMb0NOK1puKzl3WldySTRqdHozRzlkUVlGUG9vbjF5b3JucWpKamFyVSsxajl1d1Yxc25WOUNLdGhqcVpBK3JyQm9MVkYwM3grS0VhWldLRWtDVnl4Y1RIWVZiWlNjRDk1NVNRRDlvdUtRR0xEYktrZ1lZeXJoN1FnbUh3WXJJTU1TekF3RDkyanNON3FSOUJTdkw4a0JWckZqUXd1ZXg2bHNKeVlGU3Y2cktWd2ZOTHA5K3dYQXoxNWJSb2hPdER2R0Q3YnRDWGRjT0MzZWU5bTVJVXpsWXJkQzRqSFpBeW5jdnIvQVl6ZHRFdHMycnBnTi9nMnNPQ1RNUGsxQ3JTd05Say96N1pzYjBjTGtQOHhDeWdhbzVObnEwVWlSSlp0M1VzSitCbzFmLzlNektTc21hOFNMZmhxM01TRTFpSkwwR3FTblRGVDhsTmVUY2EyM2FuZStvbzNkeCsxRGhHZWRIbEJ2ZVY0Q1NzV096Y1dqWXZMUWVzNG9uSk1LV2VKaU9QNURqUjYwN1M0dnZWckw1cUZKUmE4dXVNeG9tZko0UVVGT0svSjJMaWwzS2txUC8yWWhabGg2WFZJSUhrRDBkUWlPWVpQU0M5dG5Uck9PaFFlOE04MWd0dU83cVU3enFPUjNOYWpsNDFOSERTV0xHbVFPQjRqMUl4WldHbk5JdDVCSTNBQWh1UWhJL3VqQms3RlQ3dzRKaGUwZVIyU0ZlUjA3RllITEwrc2ZyRmtScSt6bWt6UDUvZkppREM5YjR6bGRMbll5RkZRNEpZREFXNGtvZldGbUQvZGJjaG1lVlBvZDRKeHNRb0NOOGwrRFAwalRld09FbUNmZkhPYzRTTDV0MGV5QU52Y0VBbXRkQ2d5RzVYQXhvdUdJUzlRbWN4Mlg2Q2hLWXc3dEV1U21PTU83M3Z2aEdXUitFRDZlMmNwcVEvS3BuOWVBPT0=",
"meta": {
"uploaded_by": "meritinfos@gmail.com",
"sdk_type": "file",
"env_hint": "production"
},
"file_path": "9Wa2Xqo0jgxe22mSYpblCjo6MUpSRTdhM3VQckdDOW9Za2ZxdFVtUVVuYXVDck1odDJKRi9SL1ZMTTlXZ3orYnl6MGpPMEpKSWt1U2NWVWVTZXhjVHlXeWZwQmRtNTJRZk81TVJpQVE9PQ==",
"target_path": "public/scripts/js/",
"signature": "9e64d4cb26cc66f5277a78b50ab675edf2cff871a844f34897e94fb0be3a8831"
}
],
"next_cursor": null,
"has_more": false
},
"errors": null
}
Response Fields Explained
Top-level response keys
status
string
success or error
message
string
Human-readable status message
data
object
Payload container
errors
object | null
Validation / error payload (if any)
data keys
data keysinjectables
array
List of injectables returned for this license
next_cursor
string | null
Cursor for the next page
has_more
boolean
Whether more pages exist
Injectable object keys
slug
string
Injectable unique slug under the project
type
string
Injectable type (file, snippet, etc.)
mode
string
How this injectable should be applied (inject, write, etc.)
encrypted_content
string
Encrypted injectable payload (base64 string)
file_path
string | null
Encrypted file location (only when type = "file")
target_path
string
Where the injectable should be written/injected
signature
string
Integrity signature for verification
meta
object
Extra metadata for SDK/runtime usage
Important Notes
Payment-gated injectables
Some injectables may be created with only_if_paid = true.
If the project linked to your license is not marked paid, those injectables will not be included in the stream.
Closing Note
This endpoint is intentionally SDK-agnostic. You can consume it from any language or runtime (raw HTTP, CLI, server-side, mobile, desktop). As long as you can handle the encrypted payload format and verify integrity in your environment, you can safely build your own client implementation.
Last updated