> ## Documentation Index
> Fetch the complete documentation index at: https://docs.machines.cash/llms.txt
> Use this file to discover all available pages before exploring further.

# Decrypt encrypted values

> Decrypt encrypted values

When to use this: Convert encrypted label fields into readable text for UI/agent output.

Required scope: encryption.read.



## OpenAPI

````yaml consumer-openapi.yaml post /user/v1/crypto/decrypt
openapi: 3.1.0
info:
  title: Machines Cash User API
  version: 1.0.0
  description: >-
    User API surface for user-key and agent integrations. Canonical endpoints
    are under /user/v1 and /identity/user-api-keys. Legacy /consumer/v1 and
    /identity/consumer-api-keys remain supported for backward compatibility.
    This reference is separate from partner endpoints.
servers:
  - url: https://api.machines.cash
    description: production
security:
  - UserSessionBearer: []
tags:
  - name: auth
    description: Bootstrap user access.
  - name: keys
    description: User API key lifecycle.
  - name: sessions
    description: Short-lived scoped session minting.
  - name: webHelper
    description: Web-session helper endpoints.
  - name: crypto
    description: User encryption/decryption helpers.
  - name: users
    description: User profile endpoints.
  - name: kyc
    description: Identity verification endpoints.
  - name: agreements
    description: Agreement read/accept endpoints.
  - name: onboarding
    description: Onboarding progress endpoints.
  - name: cards
    description: Card management endpoints.
  - name: folders
    description: Card folder management endpoints.
  - name: balances
    description: Balance read endpoints.
  - name: contracts
    description: Collateral contract endpoints.
  - name: tokens
    description: Token metadata endpoints.
  - name: withdrawals
    description: Withdrawal endpoints.
  - name: transactions
    description: Transaction history endpoints.
  - name: deposits
    description: Deposit endpoints.
  - name: identity
    description: Identity aliases/wallet/deposit preference endpoints.
  - name: notifications
    description: Notification preference/device endpoints.
  - name: payments
    description: Payment support endpoints.
  - name: subscriptions
    description: Subscription and add-on endpoints.
  - name: referrals
    description: Referral endpoints.
  - name: bills
    description: Bill tracking endpoints.
  - name: support
    description: Support context endpoints.
  - name: spotlight
    description: Spotlight search endpoints.
paths:
  /user/v1/crypto/decrypt:
    post:
      tags:
        - crypto
      summary: Decrypt encrypted values
      description: >-
        Decrypt encrypted values


        When to use this: Convert encrypted label fields into readable text for
        UI/agent output.


        Required scope: encryption.read.
      operationId: post_user_v1_crypto_decrypt
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CryptoDecryptRequest'
            example:
              items:
                - id: card_name
                  encrypted:
                    v: 1
                    iv: ...
                    ct: ...
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CryptoDecryptResponse'
              example:
                ok: true
                data: {}
                summary: success
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          $ref: '#/components/responses/NotFound'
        '429':
          $ref: '#/components/responses/TooManyRequests'
components:
  schemas:
    CryptoDecryptRequest:
      type: object
      properties:
        items:
          type: array
          minItems: 1
          maxItems: 50
          items:
            type: object
            properties:
              id:
                type: string
                minLength: 1
              encrypted:
                $ref: '#/components/schemas/EncryptedField'
            required:
              - id
              - encrypted
            additionalProperties: false
      required:
        - items
      additionalProperties: false
    CryptoDecryptResponse:
      type: object
      properties:
        items:
          type: array
          items:
            type: object
            properties:
              id:
                type: string
              ok:
                type: boolean
              value:
                type: string
              error:
                type: string
            required:
              - id
              - ok
            additionalProperties: true
      additionalProperties: true
    EncryptedField:
      type: object
      properties:
        v:
          type: integer
        iv:
          type: string
        ct:
          type: string
      required:
        - v
        - iv
        - ct
      additionalProperties: false
    StandardError:
      type: object
      properties:
        error:
          type: string
        message:
          type: string
      required:
        - error
        - message
      additionalProperties: true
  responses:
    BadRequest:
      description: Invalid request payload or parameters.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/StandardError'
    Unauthorized:
      description: Missing/invalid bearer or key credentials.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/StandardError'
    Forbidden:
      description: Valid auth but missing required scope or blocked by policy.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/StandardError'
    NotFound:
      description: Resource not found for current user/session.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/StandardError'
    TooManyRequests:
      description: Rate limit triggered for current key/session.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/StandardError'
  securitySchemes:
    UserSessionBearer:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: >-
        Bearer session token for User API operations. Legacy UserSessionBearer
        naming remains supported.

````