Easy2257
API Reference

FAQ

Answers to the questions developers ask most often when integrating Easy2257.

How is idempotency handled?

Easy2257 uses natural composite keys, not the Idempotency-Key header. Each write endpoint has a deterministic dedupe key:

EndpointIdempotency on
POST /v1/solo-accounts(partnerId, externalUserId)
POST /v1/solo-accounts/{id}/contentexternalContentId (falls back to contentUrl if not provided)
POST /v1/collab-scenesscene id is server-generated; pass metadata.externalSceneId to dedupe on your end

Replays return the original record with HTTP 200 (not 201) and duplicate: true. There is no 409 from Easy2257 for replays — different requests with the same key just get the original response.

Is there a sandbox?

Yes. Use API keys with the ez_test_ prefix. Sandbox behaviors:

  • ID verification auto-approves after about 10 seconds (no real Veriff scan)
  • Stripe runs in test mode — use card 4242 4242 4242 4242
  • Webhooks fire from the same easy2257.com domain with the same per-endpoint signing secret
  • Sandbox data lives in the same DB as live data and counts toward your dashboard usage stats

Generate test keys at /profile/partner/api-keys. Switch a key from test to live by creating a new live key and rotating clients over.

How do I rotate an API key without downtime?

Create the new key first, deploy your client with it, verify traffic is flowing on the new key (check lastUsedAt in the dashboard), then revoke the old key. 24-hour overlap is conventional.

API keys are SHA-256 hashed at rest. The plaintext is shown once at creation — copy it to your secret store immediately. There is no "reveal" later; if you lose the key, rotate.

Will Easy2257 ever return a 409?

Currently no. The natural-key idempotency model means same-key replays return the existing record with HTTP 200. If you see 409 in the future, it will be documented here first.

Are there rate limits?

Easy2257 does not currently enforce per-key rate limits on the v1 API surface. We monitor for abuse and reach out before throttling. If you expect sustained traffic above a few hundred requests per second, give us a heads-up at api@easy2257.com.

What's the API versioning policy?

Breaking changes get 90-day notice and a new path version (/v2/...). Non-breaking changes (new optional fields, new endpoints, new event types, new error codes) are deployed without notice. The v1 surface is stable.

How long are records retained?

Easy2257 enforces a hard 7-year deletion guard on all 28 CFR Part 75 records — performer ID images, cross-reference index entries, content logs. This guard applies regardless of account suspension or deletion. If your platform deletes user data under GDPR/CCPA, Easy2257 records are exempt for the 7-year retention window — notify the user at deletion time.

What should I include in a support ticket?

  • Your partner ID (ptnr_...) — find it in the dashboard footer
  • The approximate UTC timestamp of the request
  • The full request body (redact PII) and the response status + body
  • For webhook issues: the event ID (evt_...) and your endpoint URL

Email: api@easy2257.com

Troubleshooting

HTTP status decoder, webhook debugging, and the most common integration failures.

Webhooks

Event-driven notifications from Easy2257 to your platform.

On this page

How is idempotency handled?Is there a sandbox?How do I rotate an API key without downtime?Will Easy2257 ever return a 409?Are there rate limits?What's the API versioning policy?How long are records retained?What should I include in a support ticket?