Security Gateway

Universal Scraper Protection.

Activate the Jin Shield cryptographic trust perimeter. Intercept incoming traffic, verify agent credentials locally, and short-circuit non-compliant scrapers in milliseconds.

The "Take It or Leave It" Boundary

[ Incoming HTTP Request ]

🛡️ Universal Jin Shield Gateway

Cross-references signature public keys locally in-memory [0ms-hop]

✓ Signature Valid

✗ Unverified / Scraper

Verified Jin Agent

200 OK — Millisecond execution access granted.

Rogue Scraper Blocked

403 Forbidden — Short-circuited immediately.

Perimeter Security Capabilities

Zero-Latency Verification

Resolves rotated public keys once upon server boot and caches them. All signatures are verified locally in-memory via asymmetric RS256, eliminating per-request network hops entirely.

Exact Intent Routing

Decodes agent identity tokens and asserts that the verified intent_id claim matches the exact route path and HTTP method declared in your local jin.json specification map.

12 Native Adapters

Out-of-the-box support for popular frameworks spanning Node.js, Python, PHP, and Ruby. Automatically configured during CLI static initialization scans.

Strict Fallback Boundary

Short-circuits unauthorized agent hits or hostile crawlers with a standard HTTP 403 Forbidden, pointing them directly to the server's protocol map ('take it or leave it').

Wire Up Your perimeter in 2 Steps

Activate the security shield using the unified CLI utility. It scans your controllers, hooks up your specifications, and generates drop-in middlewares.

1Run the CLI Shield Initializer

Open your terminal at the root of your repository and activate the universal security perimeter scaffold:

$ npx @papercargo/jin-cli shieldActive CLI Scaffold

2Drop the Generated Middleware Adapter In

Select your backend environment below to inspect the corresponding framework-specific integration guide:

express.ts

const express = require('express');
const { jinShield } = require('@papercargo/jin-shield-express');

const app = express();

// Activate the trust perimeter boundary
app.use(jinShield({
  jwksUri: 'https://meetjin.com/.well-known/jwks.json',
  ruleFallback: 'block' // short-circuits scrapers with 403 Forbidden
}));

app.post('/api/v1/secure-fetch', (req, res) => {
  res.json({ 
    status: 'success', 
    data: 'Verified Express payload accessed in 12ms!' 
  });
});

12 Supported Framework Adapters

ExpressSupported

Verb & route matcher extraction

Next.jsSupported

App & Pages Router dynamic middleware

FastAPISupported

Typed path variables & dependencies

HonoSupported

Edge-native asymmetric JWT verification

FastifySupported

Explicit route declaration block scan

NestJSSupported

Class prefix + Guard decorator matching

tRPCSupported

Recursive nested dot-notation router crawl

Django RESTSupported

ViewSet router extraction & path variables

FlaskSupported

Supports methods lists & verb shortcuts

LaravelSupported

Direct web/api PHP routes extraction

Ruby on RailsSupported

Direct endpoints & resource macro normalizer

OpenAPI SpecSupported

Recursive spec finder for legacy APIs