LogoLogo
  • Introduction to Unizen
    • Unizen Overview
      • Unizen Liquidity Distribution Mechanism (ULDM)
        • ULDM Performance
      • Unizen Interoperability Protocol (UIP)
        • LayerZero
        • DeBridge
        • Stargate
        • Celer
        • Axelar
        • Thorchain
    • Unizen Dashboard
      • General
      • Portfolio
      • History
    • Unizen Trade
      • Fees
    • Unizen Explore
      • Unizen Omni-Chain Data Pool
    • Unizen Earn
  • ZCX
    • Token Utility
    • Tokenomics
  • API - Introduction
    • Introduction
    • Before you get started
      • Understanding Price Impact and Price Slippage in Token Swaps
      • Token Allowance Management for Non-updatable Allowance Tokens
      • Tokens with taxes
      • Wrapping and Unwrapping Native Tokens
      • Quote expiration deadline
    • Security Best Practices for Integrating Unizen
      • Why disable CORS
      • How to integrate with a reverse proxy
    • Version 2 of our smart contracts
      • Migration to smart contract v2
  • API - GET STARTED
    • QuickStart guide
    • Swagger
    • Information endpoints
      • GET /trade/v1/info/chains
      • GET /trade/v1/info/sources
      • GET/v1/info/cross-providers
      • GET /trade/v1/info/token/search
      • GET /v1/info/token/popular
      • GET /trade/v1/info/token/{chainId}/{tokenAddress}
      • GET /trade/v1/info/tokenLogo/{chainId}/{tokenAddress}
      • GET /info/thorchain-inbound-address
      • GET /trade/v1/info/tx/{txHash}
      • GET /trade/v1/info/trade/{chainId}/{txHash}
      • GET /trade/v1/info/trades
    • Approval
      • GET /trade/v1/{chainId}/approval/spender
      • GET /trade/v1/{chainId}/approval/transaction
      • GET /trade/v1/{chainId}/approval/allowance
    • Single-Chain Swap
      • GET /trade/v1/{chainId}/quote/single
      • GET /trade/v1/{chainId}/swap/single
      • Send transaction in evm chains
      • Send transaction in Solana
    • Cross-Chain Swap
      • GET /trade/v1/{chainId}/quote/cross
      • GET /trade/v1/{chainId}/swap/cross
      • Send transaction
    • Gasless orders
      • POST /trade/v1/gasless/typed-data
      • POST /v1/gasless/estimate
      • POST /v1/gasless/create
      • POST /v1/gasless/cancel
      • GET /trade/v1/gasless/status/{orderId}
      • GET /v1/gasless/orderByAddress/{address}
    • UTXO Assets and Cosmos Swap
      • GET /trade/v1/{chainId}/quote/cross 1
      • GET /trade/v1/{chainId}/swap/cross
      • Sending transactions
    • Efficient Quote Retrieval with Batch Processing
      • GET /trade/v1/{chainId}/batch_quote/single
    • Error Messages
  • GASLESS TRADES
    • Obtaining gasless quotes
    • Gas estimation
    • Executing the trade
    • Following the orders
  • On-Chain Contracts - Get Started
    • Integration with Unizen Contracts for Token Swapping
    • Registering Errors on Smart Contract Calls
  • PERMIT2
    • What is Permit2?
    • Usage in our api
  • WIDGET - Get Started
    • Embed the Unizen Widget
    • Playground
  • Other
    • Smart Contracts
    • Security Audits
    • Roadmap
  • links
    • Unizen
    • Marketing Website
    • Medium
    • Twitter
    • Discord
    • Telegram
Powered by GitBook
On this page

Was this helpful?

  1. API - Introduction
  2. Security Best Practices for Integrating Unizen

How to integrate with a reverse proxy

How to Integrate with a Reverse Proxy:

1. Selecting a Reverse Proxy Solution:

Integrators are encouraged to choose a reliable reverse proxy solution that aligns with their specific requirements. Popular options include Nginx, Apache HTTP Server, and cloud-based solutions like AWS API Gateway.

2. Configuring API Key Handling:

Proper configuration of the reverse proxy is essential for secure API key handling. Integrators should follow best practices for configuring the proxy to conceal API keys and enforce access controls.

3. Implementing Secure Communication:

Ensure that communication between client applications and the reverse proxy, as well as between the proxy and API servers, is secured using HTTPS. This safeguards data in transit and prevents potential eavesdropping.

Disabling CORS in our API endpoints is a deliberate choice aimed at fortifying the security of our digital infrastructure. We advocate the use of a reverse proxy as a secure and effective means to handle API requests, concealing API keys and centralizing security controls. Integrators are encouraged to follow best practices outlined in this documentation to ensure a secure and reliable integration with our API.

By embracing these security measures, we reinforce our commitment to protecting sensitive data, maintaining the trust of our users and integrators, and creating a robust foundation for secure API-driven applications.

PreviousWhy disable CORSNextVersion 2 of our smart contracts

Last updated 6 months ago

Was this helpful?