This guide is specifically designed for AI coding assistants like Claude Code, Cursor, GitHub Copilot, and other LLM-powered tools. Copy or download this guide and provide it to your AI assistant for seamless 3PM Extractor integration.
This is 3PM Extractor, an embeddable AI document extraction platform. It is NOT a standalone file storage service or OCR tool. The appSecret and embedToken must never be exposed to the browser — use session-based auth via POST /api/embed/sessions from your backend.
Long-lived secret returned from onboarding. Server-side only! Never expose in client code.
Short-lived token (1 day TTL) safe for the browser. Created via POST /api/embed/sessions.
Define typed fields (String, Number, Object, List) that the AI extracts from uploaded documents.
Each onboarded organization is an isolated tenant with its own users, documents, and extractions.
Host Application (yours)
|
|-- Backend (Node.js / Python / any)
| |
| |-- POST /api/embed/onboard --> One-time: create tenant + user + embedToken (uses appId + appSecret)
| |-- POST /api/embed/sessions --> Per-page-load: create session (uses appId + appSecret + embedToken)
| |
| |-- After session is created, use X-Session-Id for everything:
| | |-- POST /api/embed/users --> Add new users to your tenant
| | |-- GET /api/embed/users --> List users in your tenant
| | |-- POST /api/embed/extract --> Upload & extract documents
| |
| |-- Stores: appId, appSecret, embedToken (NEVER in frontend)
| |
|-- Frontend (React / Vue / any)
|
|-- <iframe src="/embed?sessionId=ess_xxx" /> (only sessionId exposed)
|-- window.addEventListener('message', ...) (listen for events)# 3PM Extractor Configuration
EXTRACTOR_BASE_URL=https://extractor.decoded.digital
EXTRACTOR_APP_ID=673abc123def456789012345
EXTRACTOR_APP_SECRET=ask_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
EXTRACTOR_EMBED_TOKEN=ext_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# For frontend (safe to expose)
NEXT_PUBLIC_EXTRACTOR_URL=https://extractor.decoded.digital/api/embed/onboardOne-time setupCreate tenant, owner user, and embed token in one call
// Request
{
"organizationName": "Acme Corp",
"firstName": "John",
"lastName": "Doe",
"email": "john@acme.com",
"appId": "673abc123def456789012345",
"appSecret": "ask_your_app_secret_here"
}
// Response
{
"data": {
"tenant": { "id": "...", "name": "Acme Corp" },
"user": { "id": "...", "email": "john@acme.com", "role": "owner" },
"embedToken": { "id": "...", "key": "ext_xxx...", "expiresAt": null },
"appId": "673abc123def456789012345"
},
"error": null
}/api/embed/sessionsPer page loadCreate a short-lived session for iframe embedding (1 day TTL)
// Request (from your backend)
{
"appId": "YOUR_APP_ID",
"appSecret": "ask_YOUR_APP_SECRET",
"embedToken": "ext_YOUR_EMBED_TOKEN",
"userEmail": "user@example.com"
}
// Response
{
"data": {
"sessionId": "ess_abc123...",
"expiresAt": "2026-04-08T12:00:00Z",
"userEmail": "user@example.com",
"tenantId": "...",
"appId": "..."
}
}/api/embed/extractUpload a file and start AI extraction
curl -X POST \
-H "X-Session-Id: ess_xxx" \
-F "file=@invoice.pdf" \
https://extractor.decoded.digital/api/embed/extract
# Response: { "data": { "extractionId": "...", "status": "processing" } }/api/embed/verifyVerify session and get tenant information
// Headers: X-Session-Id: ess_xxx
// Response
{
"data": {
"valid": true,
"tenantId": "...",
"embedTokenName": "My Token",
"userEmail": "user@example.com"
}
}# Session-based auth (for all calls after onboarding):
X-Session-Id: ess_xxx...
# One header. Session contains all context (app, tenant, user).
# Works for: user creation, user listing, extractions, documents, etc.
# App-Secret auth (only for initial onboarding):
X-App-Id: YOUR_APP_ID
X-App-Secret: ask_xxx...
# Used only for POST /api/embed/onboard and POST /api/embed/sessions.| Page | URL Path | Description |
|---|---|---|
| File Upload | /embed?sessionId=ess_xxx | Upload files and extract data |
| Documents | /embed/documents?sessionId=ess_xxx | Manage document templates |
| Extractions | /embed/extractions?sessionId=ess_xxx | View extraction history with search/filters |
| Settings | /embed/settings?sessionId=ess_xxx | Integrations, webhooks, embed tokens |
The full AI Integration Guide includes complete code examples for:
App Router + API Routes
Backend + HTML Frontend
Reusable Component
Client Library
Backend session route + frontend iframe component:
import { NextRequest, NextResponse } from 'next/server';
export async function POST(request: NextRequest) {
// 1. Get authenticated user email from your auth system
const userEmail = 'user@example.com'; // Replace with your auth
// 2. Create session with Extractor
const response = await fetch(
`${process.env.EXTRACTOR_BASE_URL}/api/embed/sessions`,
{
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
appId: process.env.EXTRACTOR_APP_ID,
appSecret: process.env.EXTRACTOR_APP_SECRET,
embedToken: process.env.EXTRACTOR_EMBED_TOKEN,
userEmail,
}),
}
);
const data = await response.json();
if (!response.ok) {
return NextResponse.json({ error: 'Failed' }, { status: 500 });
}
// 3. Return only sessionId to frontend
return NextResponse.json({ sessionId: data.data.sessionId });
}'use client';
import { useEffect, useState } from 'react';
export function ExtractorEmbed({ page = 'upload', height = 600 }) {
const [sessionId, setSessionId] = useState(null);
useEffect(() => {
fetch('/api/extractor/session', { method: 'POST' })
.then(res => res.json())
.then(data => setSessionId(data.sessionId))
.catch(console.error);
}, []);
if (!sessionId) return <div>Loading...</div>;
const pagePath = page === 'upload' ? '' : `/${page}`;
const src = `${process.env.NEXT_PUBLIC_EXTRACTOR_URL}/embed${pagePath}?sessionId=${sessionId}`;
return (
<iframe
src={src}
width="100%"
height={height}
frameBorder="0"
allow="clipboard-write"
/>
);
}uploaded → analyzing → analyzed → extracting → completed
↓ ↓
analysis failed extraction failed
↓ ↓
failed failed
Statuses: uploaded, analyzing, analyzed, extracting, completed,
analysis failed, extraction failed, failed| Method | Endpoint | Auth | Description |
|---|---|---|---|
| POST | /api/embed/onboard | Body | Create tenant + user + token |
| POST | /api/embed/sessions | Body | Create session |
| GET | /api/embed/verify | Session | Verify session |
| POST | /api/embed/extract | Session | Upload & extract |
| GET | /api/embed/extractions | Session | List extractions |
| GET | /api/embed/extractions/:id | Session | Get extraction |
| POST | /api/embed/extractions/:id/retry | Session | Retry failed |
| GET | /api/embed/documents | Session | List templates |
| POST | /api/embed/documents | Session | Create template |
| POST | /api/embed/users | Session | Create user |
| POST | /api/embed/webhooks | Session | Create webhook |
Full endpoint list with request/response examples available in the downloadable guide.
Download the complete AI Integration Guide with full code examples for Next.js, Express.js, React, Python, and more. Paste it into Claude Code, Cursor, or any AI assistant.
Last updated: April 2026