submit#

Submit source code for sandboxed execution.

Request#

curl -X POST "https://api.rustbox.orkait.com/api/submit" \
  -H "Content-Type: application/json" \
  -H "X-API-Key: rb_live_your_key_here" \
  -d '{
    "language": "python",
    "code": "print(2 + 2)",
    "stdin": "",
    "webhook_url": "https://your-app.com/hooks/result",
    "webhook_secret": "your-hmac-secret"
  }'

Field	Type	Required	Notes
`language`	string	yes	`python` `py` `c` `cpp` `c++` `cxx` `cc` `java` `javascript` `js` `typescript` `ts` `go` `rust` `rs`
`code`	string	yes	Source code (max 64 KB)
`stdin`	string	no	Input data (max 256 KB)
`webhook_url`	string	no	HTTPS URL for result delivery
`webhook_secret`	string	conditional	Required if `webhook_url` is set (max 256 bytes)

Async response (default)#

HTTP 202 Accepted

{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "job_status": "pending",
  "queue_depth": 0
}

Poll GET /api/result/{id} for the result.

Sync response (`?wait=true`)#

curl -X POST "https://api.rustbox.orkait.com/api/submit?wait=true" \
  -H "Content-Type: application/json" \
  -H "X-API-Key: rb_live_your_key_here" \
  -d '{"language": "python", "code": "print(2 + 2)"}'

Holds the connection until execution completes (max 30s). Returns the full result directly:

{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "language": "python",
  "job_status": "completed",
  "schema_version": "1.0",
  "verdict": "AC",
  "exit_code": 0,
  "signal": null,
  "stdout": "4\n",
  "stderr": "",
  "output_integrity": "complete",
  "error_message": null,
  "cpu_time_secs": 0.012,
  "wall_time_secs": 0.045,
  "memory_peak_bytes": 8192000,
  "evidence": {
    "verdict_cause": "normal_exit",
    "verdict_actor": "runtime",
    "isolation_mode": "strict",
    "controls_applied": ["pid_namespace", "mount_namespace", "network_namespace", "memory_limit", "process_limit", "no_new_privileges"],
    "controls_missing": [],
    "cgroup": {
      "memory_limit_bytes": 268435456,
      "memory_peak_bytes": 8192000,
      "oom_events": 0,
      "oom_kill_events": 0,
      "cpu_usage_usec": 12000,
      "process_count": 0,
      "process_limit": 10
    },
    "timing": {
      "cpu_ms": 12,
      "wall_ms": 45,
      "cpu_wall_ratio": 0.27,
      "divergence": "cpu_bound"
    },
    "process_lifecycle": {
      "reap_status": "clean",
      "descendant_containment": "ok",
      "zombie_count": 0
    },
    "judge_actions": [],
    "collection_errors": []
  },
  "created_at": "2026-04-02T12:00:00.000Z",
  "started_at": "2026-04-02T12:00:00.001Z",
  "completed_at": "2026-04-02T12:00:00.046Z"
}

If execution does not finish in time: 408 Request Timeout with the submission ID so you can poll.

Idempotency#

Send an Idempotency-Key header (UUID) to avoid duplicate submissions:

Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000

If a submission with that key already exists, the existing record is returned with 202. Idempotency keys are essential for reliable integrations - network retries should not re-execute the same code.

Errors#

Status	Meaning
400	Invalid language, code too large, missing webhook_secret
401	Missing or invalid API key
429	Rate limit exceeded
503	Queue full - bounded capacity, deliberate backpressure

Error response examples#

HTTP 400 Bad Request

{"error": "code must not be empty"}

HTTP 400 Bad Request

{"error": "unsupported language: brainfuck. available: python, c, cpp, java, javascript, typescript, go, rust"}

HTTP 401 Unauthorized

{"error": "invalid or missing API key"}

HTTP 429 Too Many Requests

{"error": "API key quota exceeded"}

HTTP 503 Service Unavailable

{"error": "queue full, try again later"}