search
Dragon Claw Official Website

plugGateway & API

The gateway is DragonClaw's control plane.

It exposes a REST API and a WebSocket server, then routes validated requests into the agent loop.

hashtag
Request path

  1. External traffic reaches Nginx first.

  2. Nginx proxies approved requests to the gateway on 127.0.0.1:18789.

  3. The gateway checks authentication before any agent work begins.

  4. The gateway applies rate limits and validates the request payload.

  5. Valid requests continue into the agent loop for prompt building and execution.

hashtag
Security layers

  1. Nginx handles TLS, payload limits, and edge rate limiting.

  2. Bearer token auth protects all endpoints except /health.

  3. Rate limiting applies per-user and global quotas.

  4. Input validation enforces JSON and message-size limits.

  5. CORS can be configured for browser clients.

hashtag
Endpoints

  • GET /health

  • GET /skills

  • POST /message

  • WebSocket session for real-time bidirectional traffic

hashtag
Default configuration

hashtag
Production guidance

The gateway binds to 127.0.0.1 by default.

That keeps it off the public internet unless you deliberately proxy traffic to it.

PreviousMemory SystemNextOverview

Last updated