# / abac
Your agents call APIs.
They shouldn't see the keys.
LLM agents need API access — but passing keys into a sandbox means the model can see, log, or leak them. ABAC is a reverse proxy that sits outside the sandbox and fixes this.
- credential injection — real API keys stay outside the sandbox
- access control — route-level allow/deny per method + path
- response filtering — strip sensitive fields before they reach the agent
## 1 / Allow + Response Filter
Agent → abac (proxy:8080)
$ curl proxy:8080/v1/users \
-H "Host: api.example.com" \
-H "Authorization: Bearer proxy-abc123"
validate proxy-abc123 → load policy
check host allowlist: api.example.com → ok
match route: GET /v1/users → allow
inject credential from $EXAMPLE_API_KEY
abac (proxy:8080) → api.example.com
GET api.example.com/v1/users
x-api-key: sk-real-secret-key
server processes request
← 200 OK from api.example.com
200 OK · Response filter · include: [id, name, email]
{
  "id": 1,
  "name": "Alice",
  "email": "a@b.com",
  "ssn": "123-45-6789",
  "salary": 95000
}
return filtered response to agent sandbox
What the agent sees
{ "id": 1, "name": "Alice", "email": "a@b.com" }
## 2 / Route Denied
Agent → abac (proxy:8080)
$ curl -X DELETE proxy:8080/v1/users/1 \
-H "Host: api.example.com" \
-H "Authorization: Bearer proxy-abc123"
validate proxy-abc123 → load policy
check host allowlist: api.example.com → ok
match route: DELETE /v1/users/1 → deny
What the agent sees
403 Forbidden — route not allowed by policy
## 3 / Invalid Token
Agent → abac (proxy:8080)
$ curl proxy:8080/v1/users \
-H "Host: api.example.com" \
-H "Authorization: Bearer expired-token-xyz"
validate expired-token-xyz → no matching policy
What the agent sees
401 Unauthorized — invalid or expired proxy token
## 4 / Configuration
Policies are defined in *.policygroup.json files. One token, multiple upstream APIs, each with scoped rules. Hosted policy management is in development.
example.policygroup.json
```json
{
  "localToken": "proxy-abc123",
  "policies": [
    {
      "baseUrl": "https://api.example.com",
      "localUpstreamTokenKey": "EXAMPLE_API_KEY",
      "rules": [
        {
          "route": "/v1/users",
          "method": "GET",
          "action": "allow",
          "response_filter": {
            "type": "include_fields",
            "fields": ["id", "name", "email"]
          }
        },
        {
          "route": "/v1/users/*",
          "method": "DELETE",
          "action": "deny"
        }
      ]
    }
  ]
}
```
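
The decision flow from scenarios 1 to 3, evaluated against the example policy group above. This is an added example, not abac's own code. The names `decide` and `filter_response` are hypothetical, and four behaviours are assumptions the page does not state: `*` is treated as a glob, the first matching rule wins, the host allowlist is derived from `baseUrl`, and unknown hosts or unmatched routes are denied.

```python
import hmac
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# The page's example.policygroup.json, as a Python dict.
POLICY_GROUP = {
    "localToken": "proxy-abc123",
    "policies": [{
        "baseUrl": "https://api.example.com",
        "localUpstreamTokenKey": "EXAMPLE_API_KEY",
        "rules": [
            {"route": "/v1/users", "method": "GET", "action": "allow",
             "response_filter": {"type": "include_fields",
                                 "fields": ["id", "name", "email"]}},
            {"route": "/v1/users/*", "method": "DELETE", "action": "deny"},
        ],
    }],
}

def decide(group, token, host, method, path):
    """Return (status, rule, key_env_var); 200 means 'forward upstream'."""
    # Constant-time compare so the check does not leak token prefixes.
    if not hmac.compare_digest(token.encode(), group["localToken"].encode()):
        return 401, None, None
    for policy in group["policies"]:
        # Assumption: the host allowlist is the set of baseUrl hostnames.
        if urlsplit(policy["baseUrl"]).hostname != host.lower():
            continue
        for rule in policy["rules"]:
            # Assumption: "*" is a glob and the first matching rule wins.
            if rule["method"] == method.upper() and fnmatchcase(path, rule["route"]):
                if rule["action"] == "allow":
                    return 200, rule, policy["localUpstreamTokenKey"]
                return 403, rule, None
    # Assumption: unknown hosts and unmatched routes are denied by default.
    return 403, None, None

def filter_response(rule, body):
    """Apply an include_fields filter; fail closed on unknown filter types."""
    flt = rule.get("response_filter")
    if flt is None:
        return body
    if flt["type"] != "include_fields":
        raise ValueError("unsupported filter type: " + flt["type"])
    keep = set(flt["fields"])
    rows = body if isinstance(body, list) else [body]
    out = [{k: v for k, v in row.items() if k in keep} for row in rows]
    return out if isinstance(body, list) else out[0]
```

Only the environment variable name is returned on an allow, so the upstream key itself is read at forwarding time and never enters the decision path or its logs.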