MandateZ Proxy Mode — Zero-Code Governance
Proxy Mode is the fastest path to MandateZ governance. Instead of installing@mandatez/sdk
and refactoring your agent’s action layer, you repoint your HTTP client at the MandateZ proxy
and every outbound call to OpenAI, Anthropic, Stripe, Supabase, Slack, or any other API is:
- Policy-checked against the rules you’ve configured in your dashboard
- Signed with an Ed25519 key escrowed by MandateZ and bound to your agent ID
- Logged to the same
agent_eventsstream the SDK writes to - Trust-scored in the background
Proxy Mode is the right first integration when you need governance working in under ten
minutes or when you cannot modify the agent’s source (third-party SaaS, compiled binaries,
n8n nodes). For full SDK capabilities — per-agent keypairs you control, synchronous
oversight gates with
waitForApproval, cross-agent verification — use the SDK directly.How It Works
https://core-dashboard-black.vercel.app/api/proxy
instead of directly to the target API. The proxy reads three X-MandateZ-* headers, evaluates
the call against your configured policies, and — if allowed — forwards the request to the real
target. The target’s response is relayed back unchanged. If the call is blocked, the target
API is never contacted and your agent receives a 403 with the policy reason.
Setup — Three Steps
Step 1 — Configure Your HTTP Client
Prefix your existing API calls with the MandateZ proxy URL and add three headers. Everything else (auth headers, body, method) stays identical to the direct call.Python
Node.js
Step 2 — Set Policies in Your Dashboard
Define which action types (read, write, export, delete, call, payment) and resource
patterns the agent is allowed to hit. The proxy evaluates every forwarded call against these
rules before contacting the target.
Example policy covering the Vercel-class failure mode:
Step 3 — Watch Events Stream in Real Time
Every proxied call produces a signedAgentEvent visible in the live event feed. The event
records the action type, derived resource, outcome, policy ID, HTTP method, status code, and
latency — but never the request or response body.
Request Headers Reference
All other headers (including
Authorization and Content-Type) pass through to the target
unchanged. MandateZ strips X-MandateZ-* headers before forwarding so the target API never
sees them.
Response Headers
On successful proxy, the response includes:What Gets Governed
The proxy automatically maps each target URL to a resource string your policies can match. Well-known hosts fold into a short prefix; custom hosts fall back to the full hostname.
You can override the auto-derived resource with the
X-MandateZ-Resource header — useful when
you want to group multiple upstream APIs under a single policy prefix.
Privacy
MandateZ Proxy does not store request or response bodies. Only the action type, resource, outcome, policy ID, HTTP method, status code, and timestamp are logged — never your prompts, API payloads, or upstream responses. Every event is Ed25519-signed by an escrowed key bound to your agent ID. Because the key is managed by MandateZ on your behalf, Proxy Mode’s audit trail is most useful when governance is the security boundary. For workloads where cryptographic non-repudiation from the agent runtime itself is required (e.g. EU AI Act Article 12 for regulated-industry deployments), use the SDK directly so the private key never leaves your infrastructure.Network Policy
MandateZ Proxy forwards only to public HTTPS endpoints. Private IPs (RFC1918, loopback, link-local, CGNAT), cloud metadata endpoints (169.254.169.254,
metadata.google.internal), and plain HTTP targets are rejected with a 400. Request bodies
larger than 5 MB are rejected with a 413.
Cache Behaviour
Proxy Mode caches your per-owner policy list in memory for 30 seconds. Policy changes made through the dashboard take effect on the next cache refresh — worst case ~30 s for a hot proxy instance, immediate for a cold one. If you need to force a policy rollout faster, redeploy the dashboard or evict the cache entry for that owner.Proxy Mode vs SDK
Proxy Mode and the SDK write to the same
agent_events stream — you can switch between them
or run both on the same agent without losing audit continuity.
Get Started
Open your dashboard, copy the Proxy Setup snippet, and route your first call through MandateZ in under 60 seconds.