Overview
The Vaultastic eDiscovery API enables developers to programmatically search and retrieve email data stored in the Vaultastic Active Store. The API is designed for integrating Vaultastic with third-party applications, eDiscovery workflows, compliance solutions, and custom business processes.
Using the API, applications can:
- Search archived emails using a variety of search criteria.
- Retrieve and export the complete contents of selected emails.
The Vaultastic eDiscovery API is REST-based and currently provides the following endpoints:
| Endpoint | Description |
|---|---|
| Search API | Searches the Vaultastic Active Store and returns a list of emails that match the specified search criteria. |
| Export API | Retrieves and exports the complete content of a selected email returned by the Search API. |
Obtaining API Access
To use the Vaultastic eDiscovery API, you must obtain an API access key.
To request an API key, raise a support ticket with Mithi Customer Care and provide the Vault ID for which API access is required.
Note
API access can only be enabled for Vault IDs that have Self Service or Full Access permissions to data stored in the Vaultastic Active Store.
Rate Limits
Each API access key is subject to the following default rate limits. These limits are shared across both the Search API and Export API.
| Limit | Default Value |
|---|---|
| Requests per second | 100 API calls |
| Requests per month | 5,000 API calls |
| Number of keys | A single active key at a time |
If your application requires higher throughput, please contact Mithi Customer Care to discuss increased rate limits.
API Key Security
Your API access key provides access to archived data and should be treated as a sensitive credential.
Vaultastic follows these practices:
- API access keys are delivered securely through approved communication channels.
- Each API key is associated with a specific Vault ID and its corresponding access permissions.
Customers are responsible for protecting their API credentials. We recommend the following best practices:
- Store API keys securely using a secrets management solution or encrypted configuration store.
- Never embed API keys directly in application source code.
- Do not expose API keys in client-side applications or public repositories.
- Rotate API keys periodically and immediately if you suspect they have been compromised.
Next Steps
After obtaining an API access key, you can:
- Authenticate your application using the provided API key.
- Use the Search API to locate archived emails.
- Use the Export API to retrieve the full content of selected emails.
- Integrate the API into your eDiscovery, compliance, or archival workflows.
Using the Search API
Endpoint
POST https://ediscovery.vaultastic.com/v1/search
Headers
| Header | Description |
|---|---|
| The vault id of the user making the request (e.g. |
Request Body
Send a JSON object with the search parameters. An empty body ({}) returns all archived emails accessible to the caller.
All fields are optional. However, date-from and date-to must always be used together — if one is provided, the other must also be provided.
Date fields use the format YYYY-MM-DD (e.g. 2026-06-01).
| Parameter | Type | Description |
|---|---|---|
| string | Filter by sender email address. |
| string | Filter by recipient email address. |
| string | Filter by CC email address. |
| string | Filter by BCC email address. |
| string | Filter by email subject (supports partial match). |
| string | Filter by text in the email body. |
| string | Filter by text found within attachments. |
| string | Filter by attachment filename. |
| string | Filter emails on a specific date. Format: |
| string | Start of a date range (inclusive). Format: |
| string | End of a date range (inclusive). Format: |
| integer | Zero-based index of the first result to return. For page N (1-based) with page size P, set |
| integer | Number of results to return per page (i.e. page size). |
Pagination
Use the start and rows fields together to page through results. rows sets the page size and start sets the offset of the first result on that page.
With a page size of 50:
| Page | start | rows |
|---|---|---|
1 | 0 | 50 |
2 | 50 | 50 |
3 | 100 | 50 |
N |
| 50 |
Use response.numFound from the response to determine the total number of results and calculate how many pages exist.
Example — fetch page 2:
JSON
{ "start": 50, "rows": 50}Response
Returns a JSON object with the following structure:
JSON
{
"responseHeader": {
"status": 0,
"QTime": 0,
"params": {}
},
"response": {
"numFound": 1406,
"start": 0,
"numFoundExact": true,
"docs": [
{
"id": "uuid",
"path": "s3://...",
"vault": [
],
"from": [
"sender <sender@domain.com>"
],
"to": [
"recipient <recipient@domain.com>"
],
"cc": [],
"bcc": [],
"date": "2022-11-01T07:29:48Z",
"domain": "archive.mithi.com",
"subject": "Email subject",
"message-id": "<message-id>",
"msgsize": 311971,
"attachment-info": ""
}
]
}
}
| Field | Description |
|---|---|
|
|
| Query execution time in milliseconds |
| Total number of matching emails |
| Offset of the first result returned |
| Array of matching email documents |
| Unique identifier (UUID) of the archived email |
| S3 path to the raw |
| List of vault addresses the email is associated with |
| Sender address(es) |
| Recipient address(es) |
docs[ ].cc | cc recipient address(es) |
docs[ ] .bcc | bcc recipient address(es) |
docs[ ].message-id | mails message id |
| Email date in ISO 8601 format |
| Archive domain |
| Email subject line |
| Size of the email in bytes |
| Attachment metadata, if any |
Error Cases
HTTP-level errors
| HTTP Status | Meaning | Likely Cause |
|---|---|---|
| Malformed request | Invalid JSON body or unsupported Solr query syntax in |
400 Bad Request | Authentication failure | Missing or invalid |
| Access denied | The |
403 Forbidden | Endpoint not found | Incorrect URL path |
| Server-side failure | Unexpected error on the Vaultastic backend |
Application-level errors (within a 200 response)
The API may return HTTP 200 but indicate a failure via responseHeader.status in the response body:
responseHeader.status | Meaning |
|---|---|
| Success — query executed without errors |
Non-zero | Solr-level error — check |
Example error response body:
JSON
{
"responseHeader": {
"status": 400,
"QTime": 2
},
"error": {
"metadata": [
"error-class",
"org.apache.solr.common.SolrException",
"root-error-class",
"org.apache.solr.common.SolrException"
],
"msg": "undefined field path",
"code": 400
}
}
Common error scenarios
| Scenario | Symptom | Resolution |
|---|---|---|
Missing |
| Add the |
| Empty | No emails match the query — refine |
Pagination out of range | Empty |
|
Using the Export API
Retrieves the full content of a single archived email by its S3 storage path.
The path value is typically obtained from the docs[].path field in the response of the POST /v1/search endpoint.
Endpoint
POST https://ediscovery.vaultastic.com/v1/export
Headers
| Header | Description |
|---|---|
| The vault id of the user making the request (e.g. |
Request Body
Send a JSON object with the S3 path of the email to export:
| Parameter | Type | Required | Description |
|---|---|---|---|
| string | Yes | The S3 path to the |
Example:
{ "path": "s3://ind1-mithi-vv4-dc1-mailstore-s3/archive.mithi.com/data/mail/47e9a06d-74a5-4356-9483-df9fb89efe5f.eml"}Response
Returns a JSON object with the fully parsed email content, including headers, body parts, and attachments.
{ "subject": "Re: [Ticket#2022090710000045] ...", "headers": { "from": ["\"Sender Name\" <sender@domain.com>"], "to": ["\"Recipient Name\" <recipient@domain.com>"], "cc": ["cc1@domain.com, cc2@domain.com"], "bcc": [], "reply-to": [], "date": "2022-11-01T07:29:48.000Z", "message-id": "<unique-message-id@domain.com>", "in-reply-to": "<parent-message-id@domain.com>", "references": "", "x-vaultastic-header": "<base64-encoded-metadata>", "x-vault": "user@archive.domain.com", "x-vaultastic-primary-domain": "archive.domain.com", "received": ["...SMTP trace entries..."] }, "body": [ { "type": "text/plain", "content": "Plain text body of the email" }, { "type": "text/html", "content": "<html>HTML body of the email</html>" } ], "attachments": [ { "filename": "document.pdf", "contentType": "application/pdf", "size": 12345, "content": "<base64-encoded-content>" } ]}Response Fields
| Field | Description |
|---|---|
| The email subject line |
| Object containing all email headers |
| Sender address(es) |
| Primary recipient address(es) |
| CC recipient address(es) |
| BCC recipient address(es) |
| Reply-to address(es), if set |
| Email send date in ISO 8601 format |
| Unique message identifier |
| Message ID of the email being replied to |
| Base64-encoded Vaultastic metadata (sender, server IP, received time, UUID, mail router type, recipient) |
| The vault address the email is stored under |
| The primary archive domain |
| SMTP relay trace entries |
| Array of body parts (plain text and/or HTML) |
| MIME type of the body part (e.g. |
| Content of the body part |
| Array of attachment objects (empty if none) |
| Attachment file name |
| MIME type of the attachment |
| Size of the attachment in bytes |
| Base64-encoded attachment content |
Error Cases
HTTP-level errors
| HTTP Status | Meaning | Likely Cause |
|---|---|---|
| Malformed request | Missing or invalid |
| Authentication failure | Missing or invalid |
| Access denied | The |
| Email not found | The S3 path does not exist or the email has been deleted |
| Server-side failure | Unexpected error on the Vaultastic backend (e.g. S3 read failure) |
Common error scenarios
| Scenario | Symptom | Resolution |
|---|---|---|
Missing |
| Ensure the request body contains a |
Stale or incorrect S3 path |
| Re-run the search to get a fresh |
Missing |
| Add the |
|
| Use a |
Path from a different environment |
| Ensure the |
Missing Api Key |
| Missing or invalid x-api-key |