Utility
Operational
UTM & Link Cloaking Proxy
Stateless link cloaking with compressed token encoding
Create obfuscated short links with embedded UTM parameters. Zero-latency redirects with no database required—everything is encoded in the token itself.
POST
/api/cloak
POST
/api/decode
POST
/api/build-utm
GET
/api/r/{token}
<10ms latency
No database
Public redirect
What It Does
The Link Cloaking API provides stateless URL shortening and UTM parameter management. Unlike traditional URL shorteners that require databases to store mappings, this API encodes all data—including the target URL and UTM parameters—directly into a compressed, obfuscated token using deflate compression and base64url encoding.
Link Cloaking
Hide destination URLs with obfuscated tokens
UTM Builder
Auto-append tracking parameters
Zero Latency
Sub-10ms redirect response time
POST
/api/cloak
Create a cloaked link with embedded UTM parameters. Returns a short token that can be used with the redirect endpoint.
curl -X POST https://api.atomicapis.dev/api/cloak \
-H "X-RapidAPI-Proxy-Secret: YOUR_SECRET" \
-H "Content-Type: application/json" \
-d '{
"url": "https://example.com/product/super-widget",
"utmSource": "newsletter",
"utmMedium": "email",
"utmCampaign": "summer_sale_2024"
}'const response = await fetch('https://api.atomicapis.dev/api/cloak', {
method: 'POST',
headers: {
'X-RapidAPI-Proxy-Secret': 'YOUR_SECRET',
'Content-Type': 'application/json'
},
body: JSON.stringify({
url: 'https://example.com/product/super-widget',
utmSource: 'newsletter',
utmMedium: 'email',
utmCampaign: 'summer_sale_2024'
})
});
const data = await response.json();
console.log(data.cloakedUrl); // https://api.atomicapis.dev/api/r/abc123...import requests
response = requests.post(
'https://api.atomicapis.dev/api/cloak',
headers={
'X-RapidAPI-Proxy-Secret': 'YOUR_SECRET',
'Content-Type': 'application/json'
},
json={
'url': 'https://example.com/product/super-widget',
'utmSource': 'newsletter',
'utmMedium': 'email',
'utmCampaign': 'summer_sale_2024'
}
)
data = response.json()
print(data['cloakedUrl']) # https://api.atomicapis.dev/api/r/abc123...using var client = new HttpClient();
client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", "YOUR_API_KEY");
var requestBody = new
{
url = "https://example.com/product/super-widget",
utmSource = "newsletter",
utmMedium = "email",
utmCampaign = "summer_sale_2024"
};
var json = JsonSerializer.Serialize(requestBody);
var content = new StringContent(json, Encoding.UTF8, "application/json");
var response = await client.PostAsync(
"https://api.atomicapis.dev/api/cloak", content);
var data = await response.Content.ReadFromJsonAsync<CloakResponse>();
Console.WriteLine(data.CloakedUrl);Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
url |
string | Required | The target URL to cloak. Must be a valid HTTP/HTTPS URL. |
utmSource |
string | Optional | Traffic source (e.g., newsletter, google, facebook) |
utmMedium |
string | Optional | Marketing medium (e.g., email, cpc, social) |
utmCampaign |
string | Optional | Campaign name for tracking |
utmTerm |
string | Optional | Paid search keyword term |
utmContent |
string | Optional | Content variant for A/B testing |
Response
200 OK
{
"cloakedUrl": "https://api.atomicapis.dev/api/r/eJxLKs7MS42vzElVSMyrBAAvQAT-",
"token": "eJxLKs7MS42vzElVSMyrBAAvQAT-",
"destinationUrl": "https://example.com/product/super-widget?utm_source=newsletter&utm_medium=email&utm_campaign=summer_sale_2024",
"originalUrl": "https://example.com/product/super-widget"
}
POST
/api/decode
Decode a cloaked token to reveal the original URL and UTM parameters without performing a redirect.
curl -X POST https://api.atomicapis.dev/api/decode \
-H "X-RapidAPI-Proxy-Secret: YOUR_SECRET" \
-H "Content-Type: application/json" \
-d '{
"token": "eJxLKs7MS42vzElVSMyrBAAvQAT-"
}'const response = await fetch('https://api.atomicapis.dev/api/decode', {
method: 'POST',
headers: {
'X-RapidAPI-Proxy-Secret': 'YOUR_SECRET',
'Content-Type': 'application/json'
},
body: JSON.stringify({
token: 'eJxLKs7MS42vzElVSMyrBAAvQAT-'
})
});
const data = await response.json();
console.log(data.originalUrl);
console.log(data.destinationUrl);import requests
response = requests.post(
'https://api.atomicapis.dev/api/decode',
headers={
'X-RapidAPI-Proxy-Secret': 'YOUR_SECRET',
'Content-Type': 'application/json'
},
json={'token': 'eJxLKs7MS42vzElVSMyrBAAvQAT-'}
)
data = response.json()
print(data['originalUrl'])
print(data['destinationUrl'])using var client = new HttpClient();
client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", "YOUR_API_KEY");
var requestBody = new { token = "eJxLKs7MS42vzElVSMyrBAAvQAT-" };
var json = JsonSerializer.Serialize(requestBody);
var content = new StringContent(json, Encoding.UTF8, "application/json");
var response = await client.PostAsync(
"https://api.atomicapis.dev/api/decode", content);
var data = await response.Content.ReadFromJsonAsync<DecodeResponse>();Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
token |
string | Required | The cloaked token to decode (the part after /api/r/) |
Response
200 OK
{
"originalUrl": "https://example.com/product/super-widget",
"destinationUrl": "https://example.com/product/super-widget?utm_source=newsletter&utm_medium=email&utm_campaign=summer_sale_2024",
"utmSource": "newsletter",
"utmMedium": "email",
"utmCampaign": "summer_sale_2024",
"utmTerm": null,
"utmContent": null
}
POST
/api/build-utm
Build a URL with properly formatted UTM parameters without cloaking. Useful when you want visible tracking links.
curl -X POST https://api.atomicapis.dev/api/build-utm \
-H "X-RapidAPI-Proxy-Secret: YOUR_SECRET" \
-H "Content-Type: application/json" \
-d '{
"url": "https://example.com/landing",
"utmSource": "twitter",
"utmMedium": "social",
"utmCampaign": "product_launch"
}'const response = await fetch('https://api.atomicapis.dev/api/build-utm', {
method: 'POST',
headers: {
'X-RapidAPI-Proxy-Secret': 'YOUR_SECRET',
'Content-Type': 'application/json'
},
body: JSON.stringify({
url: 'https://example.com/landing',
utmSource: 'twitter',
utmMedium: 'social',
utmCampaign: 'product_launch'
})
});
const data = await response.json();
console.log(data.taggedUrl);import requests
response = requests.post(
'https://api.atomicapis.dev/api/build-utm',
headers={
'X-RapidAPI-Proxy-Secret': 'YOUR_SECRET',
'Content-Type': 'application/json'
},
json={
'url': 'https://example.com/landing',
'utmSource': 'twitter',
'utmMedium': 'social',
'utmCampaign': 'product_launch'
}
)
data = response.json()
print(data['taggedUrl'])using var client = new HttpClient();
client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Bearer", "YOUR_API_KEY");
var requestBody = new
{
url = "https://example.com/landing",
utmSource = "twitter",
utmMedium = "social",
utmCampaign = "product_launch"
};
var json = JsonSerializer.Serialize(requestBody);
var content = new StringContent(json, Encoding.UTF8, "application/json");
var response = await client.PostAsync(
"https://api.atomicapis.dev/api/build-utm", content);
var data = await response.Content.ReadFromJsonAsync<UtmResponse>();Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
url |
string | Required | The target URL to tag. Must be a valid HTTP/HTTPS URL. |
utmSource |
string | Optional | Traffic source (e.g., newsletter, google, facebook) |
utmMedium |
string | Optional | Marketing medium (e.g., email, cpc, social) |
utmCampaign |
string | Optional | Campaign name for tracking |
utmTerm |
string | Optional | Paid search keyword term |
utmContent |
string | Optional | Content variant for A/B testing |
Response
200 OK
{
"taggedUrl": "https://example.com/landing?utm_source=twitter&utm_medium=social&utm_campaign=product_launch",
"originalUrl": "https://example.com/landing"
}
GET
/api/r/{token}
No Auth Required
Public redirect endpoint. Decodes the token and performs a 302 redirect to the original URL with UTM parameters appended. This endpoint requires no authentication.
# Follow redirects to see final URL
curl -L -I https://api.atomicapis.dev/api/r/eJxLKs7MS42vzElVSMyrBAAvQAT-
# Response: HTTP/1.1 302 Found
# Location: https://example.com/product/super-widget?utm_source=...// Users clicking the cloaked link
window.location.href = 'https://api.atomicapis.dev/api/r/eJxLKs7MS42vzElVSMyrBAAvQAT-';
// Or fetch with redirect following
const response = await fetch('https://api.atomicapis.dev/api/r/eJxLKs7MS42vzElVSMyrBAAvQAT-', {
redirect: 'follow'
});
console.log(response.url); // Final destination URL<!-- Use cloaked links in your HTML -->
<a href="https://api.atomicapis.dev/api/r/eJxLKs7MS42vzElVSMyrBAAvQAT-">
Check out our product!
</a>
<!-- In email campaigns -->
<a href="https://api.atomicapis.dev/api/r/eJxLKs7MS42vzElVSMyrBAAvQAT-"
style="display:inline-block;padding:12px 24px;background:#f59e0b;color:white;text-decoration:none;border-radius:6px;">
Shop Now
</a>Response
302 Found
HTTP/1.1 302 Found
Location: https://example.com/product/super-widget?utm_source=newsletter&utm_medium=email&utm_campaign=summer_sale_2024Use Cases
Affiliate Marketing
Mask affiliate links to improve click-through rates. Hide long, complex affiliate URLs behind clean, branded short links that users trust.
api.atomicapis.dev/api/r/aff-x7k9
Campaign Tracking
Automatically append UTM parameters to every link. Track email, social, and ad campaigns with consistent, accurate analytics data.
utm_campaign=black_friday
Clean URLs
Transform messy, parameter-heavy URLs into elegant short links perfect for social media, SMS, and print materials.
api.atomicapis.dev/api/r/sale2024
Build Constraints
Performance Requirements
- Zero-latency redirect: /api/r/{token} responds in <10ms
- No database dependency: All data encoded in token
- Stateless operation: No server-side storage
Security & Access
- Public redirect: /api/r/{token} requires no auth
- Protected endpoints: /api/cloak, /api/decode require API key
- Compression: Deflate + base64url encoding
Implementation Note: Tokens are self-contained and portable. You can generate tokens on one server and validate/redirect on another without any shared database. The redirect endpoint performs pure computation—decompress, decode, and redirect—with no I/O operations.
Error Codes
| Status | Message | Description |
|---|---|---|
| 400 | The 'url' field is required. |
Request body is missing the required url field |
| 400 | Destination URL must be an absolute HTTP(S) URL. |
The provided URL is not a valid absolute HTTP or HTTPS URL |
| 400 | The 'token' field is required. |
Decode request body is missing the required token field |
| 400 | Invalid or corrupted token. |
The token cannot be decoded (bad format or corrupted data) |
| 400 | Invalid or expired link. |
The redirect endpoint received an invalid token |
| 401 | Unauthorized: Invalid or missing X-RapidAPI-Proxy-Secret header. |
Missing or invalid API secret on a protected endpoint |
Error Response Format
{
"message": "The 'url' field is required."
}Related APIs
MCP Integration MCP Ready
What is MCP?
Model Context Protocol (MCP) allows AI assistants like Claude to call this API as a native tool during conversation. Instead of writing HTTP requests, the AI invokes the tool directly — no API keys or boilerplate needed on the client side.
Tool Details
Tool Class
UtmLinkTools
Method
CloakLink()
Description
Creates cloaked UTM-tagged tracking URLs