API & SDK Integration

Comprehensive guide for enterprise partners to embed NYX's Zero-Knowledge messaging engine directly into your applications.

1. Request Access

To utilize the NYX Engine APIs or SDKs, developers must first obtain an x-nyx-engine-key. We currently enforce a manual vetting process for all third-party integrations.

Email: [email protected]
Subject: Integration Proposal: [Company Name]

Include your target use case, expected daily active users (DAU), and whether you require an on-premise dedicated relay or will use the shared cloud relay.

2. Method A: Iframe Integration

The fastest way to embed NYX is via an isolated Iframe. First, create a secure room URL by hitting our S2S API: POST /api/engine/rooms. Then, embed the response URL in your frontend.

EmbeddedChat.tsx 
export default function EmbeddedChat({ roomUrl }) {
  return (
    <iframe 
      src={roomUrl}
      allow="camera; microphone; clipboard-write"
      sandbox="allow-scripts allow-same-origin allow-popups allow-forms"
      className="w-full h-[600px] rounded-xl border border-slate-800"
    />
  );
}

3. Method B: Native SDK

For deep custom UI control, install the local SDK. This grants you raw access to the messaging bus and local cryptography worker without using our UI.

npm install nyx-engine-sdk-0.1.0.tgz

Implementation Example

import NyxClient from 'nyx-engine-sdk';

// 1. Initialize Web Worker and Cryptography
const nyx = new NyxClient({ apiKey: process.env.NYX_ENGINE_KEY });
await nyx.initialize();

// 2. Connect user via token
await nyx.connectUser(userToken);

// 3. Listen for natively decrypted messages
nyx.on('message.decrypted', (message) => {
  console.log("New Secure Message:", message);
});

// 4. Send encrypted message
await nyx.sendMessage(roomId, "Hello from the custom integration!");

4. Troubleshooting Guide

Common Error Solution
Base64 unseal decryption failure Ensure you are using URL-Safe Base64 with NO padding before feeding data to crypto_box_seal_open.
Nginx CSP frame-ancestors block You must provide your domains to our team to whitelist them in the Content-Security-Policy headers of the relay server.
Memory Heap Leak / Crash If using raw Libsodium, ensure you explicitly call sodium.memzero(key) on symmetric keys after encryption/decryption cycles to free memory.
CORS on Encrypted Media Uploads Media uploads must hit the R2 proxy endpoint /api/engine/upload, not the bucket directly, to resolve strict CORS preflight checks.
ce, obfuscation is the only true freedom."