Server-side key injection
A proxy technique where the upstream provider credential is added to a request inside the gateway, so the buyer never sees or handles the API key.
Server-side key injection means the upstream API key is attached to a request by the proxy, in the gateway process, rather than by the client. The buyer authenticates only to the proxy. When the proxy forwards the request to the upstream provider, it injects the provider credential server-side, receives the response, and returns it to the buyer. The buyer gets the data without ever possessing the key that unlocked it.
On Proxygate this is the core security property of the transparent proxy. Provider keys live in the gateway and are decrypted only in gateway memory at request time; they are never written to logs, responses, the database, or error messages, and they never travel to the agent. An agent presents its own Proxygate identity, and the gateway injects the seller's key for the matching listing on each forwarded call.
Key injection is what makes capacity resale safe for both sides. A seller can monetize an API without handing its credential to strangers, and a buyer can use the API without the burden and risk of storing someone else's secret. Because the key never leaves the gateway, a buyer's compromise cannot leak the provider credential, and a seller can rotate the key centrally without coordinating with any buyer.
Related concepts
Server-side key injection: frequently asked questions
It is a proxy technique where the upstream provider API key is added to a request inside the gateway, not by the client. The buyer authenticates to the proxy only and never sees or handles the provider key.
Provider keys live in the gateway and are decrypted only in gateway memory at request time. They are never written to logs, responses, the database, or error messages, and they never travel to the agent.
The seller monetizes an API without sharing its credential, and the buyer uses the API without storing someone else's secret. A buyer compromise cannot leak the key, and sellers can rotate keys centrally without coordinating with buyers.