Firewall · /v1/apiguard

Put any API behind a signed guard.

One job: register an endpoint and every request through it is signed, logged, and rate-shaped with rotating keys — provable protection on legacy APIs.

Calls signed

100%

Every request carries a verifiable signature.

Logged

Tamper-proof

Each invocation written to the WORM ledger.

Keys

Rotating

One-call key rotation per guard.

Classical / legacy

API keys in plaintext headers
Access logs that can be edited
No proof a call happened

EpochCore primitive

Signed every request
WORM-logged invocations
Rotating per-guard keys

Run it

Try the primitive.

With an API key this calls the live POST /v1/apiguard/register endpoint and returns the sealed response. Without one it shows a representative sealed payload so you can see the shape.

ApiGuardPOST /v1/apiguard/register

API key (optional)

Target URL

Policies (JSON)

Representative output runs locally · live needs a key

SDK

In Python.

from epochcore_app_primitives import Client
with Client(api_key="...") as c:
    g = c.apiguard.register(target_url="https://internal.acme/api",
                             policies={"rate_limit":1000,"require_signature":True})
    print(c.apiguard.stats(g["guard_id"]))