Machine clients
Use basic auth, bearer tokens, or shared query keys for integrations and server-to-server traffic.
Auth guards
Protect public endpoints with basic auth, bearer tokens, query keys, or datastore-backed sessions.
What this helps you do
Protect public endpoints with basic auth, bearer tokens, query keys, or datastore-backed sessions.
- Choose the right guard per endpoint
- Support machine clients and user-facing session flows
- Keep authentication close to the URL contract
- Combine auth with validation and rate limiting
Match access control to the caller
Auth guards let each URL use the access pattern that fits its client: simple shared credentials for machine traffic, bearer tokens for API consumers, query keys for constrained webhook senders, or datastore-backed sessions for user-facing workflows.
Session-aware flows
Back user-facing endpoints with datastore sessions when workflow behavior depends on the current user.
Layered controls
Combine auth with rate limits, signing profiles, and validation for public internet endpoints.
Related features
Use these features together to build complete endpoint workflows.
Request handling
Validate, authenticate, and rate-limit incoming requests before endpoint actions run.
Rate limiting PRO
Apply per-endpoint request limits to protect capacity and upstream services.
Signing profiles
Verify webhook signatures from known providers or any HMAC-based source.
Input validation
Validate request data and uploads before actions mutate data or call external services.
Get started in minutes
Everything you need to go from zero to production-ready endpoints.
Create your first endpoint
Sign up, define a URL, and configure auth and validation in a few clicks.
Follow the quickstart
Use the docs to build and test a full endpoint workflow step by step.
Pick a plan when you are ready
Start free, then upgrade for higher limits, advanced features, and team workflows.
Ready to start building?
Get started with Streamnode and build your first endpoint in minutes.