Latch / Docs
reference

Proxy API

The entire public API: four operations. Generated from /openapi.json.

Everything below is generated from /openapi.json, which you can point a client generator at.

AuthenticationEvery call carries a Latch access token: Authorization: Bearer lat_…. The token identifies the latch, which binds the upstream, the credential, and the policy pipeline. It is the only credential you ever hold.
GET /proxy/{path}

Forward a request upstream through the policy pipeline

Evaluates the latch's filter pipeline against this request. If every filter allows it, Latch injects the real credential and forwards the request to the latch's upstream, then returns the upstream's response to you verbatim (status, headers, and body, including streamed responses).

The path after /proxy/ is passed through to the upstream, so /proxy/v1/chat/completions reaches <upstream>/v1/chat/completions. Query strings are forwarded. Non-JSON bodies are forwarded byte-for-byte.

All HTTP methods are accepted, not only the ones enumerated here; the pipeline decides which the latch actually permits (see the method filter).

Parameters
NameInDescription
Authorization required header Bearer lat_...
path required path Upstream path, forwarded as-is.
Responses
CodeMeaning
200 The upstream's response, returned verbatim.
400 Malformed request (for example, the evaluation-depth ceiling was exceeded).
401 Missing or invalid access token.
403 Denied by policy. The pipeline evaluated and a filter said no; the request never reached the upstream and the credential was never used. deniedBy names the filter.
404 No mount on this latch matches the request path.
429 Rate limited. Sent when a rate_limit filter trips, or when the per-latch global ceiling does. Retry-After gives the wait in seconds.
502 The upstream, or the policy enclave, could not be reached or returned garbage.
POST /proxy/{path}

Forward a request upstream through the policy pipeline

Evaluates the latch's filter pipeline against this request. If every filter allows it, Latch injects the real credential and forwards the request to the latch's upstream, then returns the upstream's response to you verbatim (status, headers, and body, including streamed responses).

The path after /proxy/ is passed through to the upstream, so /proxy/v1/chat/completions reaches <upstream>/v1/chat/completions. Query strings are forwarded. Non-JSON bodies are forwarded byte-for-byte.

All HTTP methods are accepted, not only the ones enumerated here; the pipeline decides which the latch actually permits (see the method filter).

Parameters
NameInDescription
Authorization required header Bearer lat_...
path required path Upstream path, forwarded as-is.
Responses
CodeMeaning
200 The upstream's response, returned verbatim.
400 Malformed request (for example, the evaluation-depth ceiling was exceeded).
401 Missing or invalid access token.
403 Denied by policy. The pipeline evaluated and a filter said no; the request never reached the upstream and the credential was never used. deniedBy names the filter.
404 No mount on this latch matches the request path.
429 Rate limited. Sent when a rate_limit filter trips, or when the per-latch global ceiling does. Retry-After gives the wait in seconds.
502 The upstream, or the policy enclave, could not be reached or returned garbage.
PUT /proxy/{path}

Forward a request upstream through the policy pipeline

Evaluates the latch's filter pipeline against this request. If every filter allows it, Latch injects the real credential and forwards the request to the latch's upstream, then returns the upstream's response to you verbatim (status, headers, and body, including streamed responses).

The path after /proxy/ is passed through to the upstream, so /proxy/v1/chat/completions reaches <upstream>/v1/chat/completions. Query strings are forwarded. Non-JSON bodies are forwarded byte-for-byte.

All HTTP methods are accepted, not only the ones enumerated here; the pipeline decides which the latch actually permits (see the method filter).

Parameters
NameInDescription
Authorization required header Bearer lat_...
path required path Upstream path, forwarded as-is.
Responses
CodeMeaning
200 The upstream's response, returned verbatim.
400 Malformed request (for example, the evaluation-depth ceiling was exceeded).
401 Missing or invalid access token.
403 Denied by policy. The pipeline evaluated and a filter said no; the request never reached the upstream and the credential was never used. deniedBy names the filter.
404 No mount on this latch matches the request path.
429 Rate limited. Sent when a rate_limit filter trips, or when the per-latch global ceiling does. Retry-After gives the wait in seconds.
502 The upstream, or the policy enclave, could not be reached or returned garbage.
PATCH /proxy/{path}

Forward a request upstream through the policy pipeline

Evaluates the latch's filter pipeline against this request. If every filter allows it, Latch injects the real credential and forwards the request to the latch's upstream, then returns the upstream's response to you verbatim (status, headers, and body, including streamed responses).

The path after /proxy/ is passed through to the upstream, so /proxy/v1/chat/completions reaches <upstream>/v1/chat/completions. Query strings are forwarded. Non-JSON bodies are forwarded byte-for-byte.

All HTTP methods are accepted, not only the ones enumerated here; the pipeline decides which the latch actually permits (see the method filter).

Parameters
NameInDescription
Authorization required header Bearer lat_...
path required path Upstream path, forwarded as-is.
Responses
CodeMeaning
200 The upstream's response, returned verbatim.
400 Malformed request (for example, the evaluation-depth ceiling was exceeded).
401 Missing or invalid access token.
403 Denied by policy. The pipeline evaluated and a filter said no; the request never reached the upstream and the credential was never used. deniedBy names the filter.
404 No mount on this latch matches the request path.
429 Rate limited. Sent when a rate_limit filter trips, or when the per-latch global ceiling does. Retry-After gives the wait in seconds.
502 The upstream, or the policy enclave, could not be reached or returned garbage.
DELETE /proxy/{path}

Forward a request upstream through the policy pipeline

Evaluates the latch's filter pipeline against this request. If every filter allows it, Latch injects the real credential and forwards the request to the latch's upstream, then returns the upstream's response to you verbatim (status, headers, and body, including streamed responses).

The path after /proxy/ is passed through to the upstream, so /proxy/v1/chat/completions reaches <upstream>/v1/chat/completions. Query strings are forwarded. Non-JSON bodies are forwarded byte-for-byte.

All HTTP methods are accepted, not only the ones enumerated here; the pipeline decides which the latch actually permits (see the method filter).

Parameters
NameInDescription
Authorization required header Bearer lat_...
path required path Upstream path, forwarded as-is.
Responses
CodeMeaning
200 The upstream's response, returned verbatim.
400 Malformed request (for example, the evaluation-depth ceiling was exceeded).
401 Missing or invalid access token.
403 Denied by policy. The pipeline evaluated and a filter said no; the request never reached the upstream and the credential was never used. deniedBy names the filter.
404 No mount on this latch matches the request path.
429 Rate limited. Sent when a rate_limit filter trips, or when the per-latch global ceiling does. Retry-After gives the wait in seconds.
502 The upstream, or the policy enclave, could not be reached or returned garbage.
GET /proxy/.well-known/latch-capabilities

What is this latch allowed to do?

Returns the latch's effective capabilities: its mounts, their upstreams, and the filters that will be applied. An agent can call this to discover its own scope instead of probing the upstream and collecting denials.

Reflects the *effective* pipeline, so inherited filters from a parent latch are included.

Parameters
NameInDescription
Authorization required header Bearer lat_...
Responses
CodeMeaning
200 The latch's capabilities.
401 Missing or invalid access token.
GET /proxy/.well-known/latch-self/whoami

Who am I, and what do I front?

The calling latch's own id and its mount table: each mount's name and, for proxy mounts, its upstream. The first call an agent should make.

Parameters
NameInDescription
Authorization required header Bearer lat_...
Responses
CodeMeaning
200 Who am I, and what do I front?
401 Missing or invalid access token.
GET /proxy/.well-known/latch-self/capabilities

What am I allowed to do?

The latch's effective capabilities, including filters inherited from a parent. Same body as /proxy/.well-known/latch-capabilities, which is kept for backward compatibility.

Parameters
NameInDescription
Authorization required header Bearer lat_...
Responses
CodeMeaning
200 What am I allowed to do?
401 Missing or invalid access token.
GET /proxy/.well-known/latch-self/budget

How much of my daily spend is left?

The latch's spend cap and its live daily spend. Returns { "message": "No cost budget configured" } when the latch has no spend_limit filter and no legacy cost budget.

Parameters
NameInDescription
Authorization required header Bearer lat_...
Responses
CodeMeaning
200 How much of my daily spend is left?
401 Missing or invalid access token.
GET /proxy/.well-known/latch-self/metering

Per-mount request metrics for this latch

Parameters
NameInDescription
Authorization required header Bearer lat_...
Responses
CodeMeaning
200 Per-mount request metrics for this latch
401 Missing or invalid access token.
GET /proxy/.well-known/latch-self/audit

My own recent requests

The latch's last 20 audit entries: what it asked for, and what was decided.

Parameters
NameInDescription
Authorization required header Bearer lat_...
Responses
CodeMeaning
200 My own recent requests
401 Missing or invalid access token.
GET /proxy/.well-known/latch-self/sla

My bilateral agreement, and whether the policy satisfies it

Returns { "status": "none" } when the latch carries no SLA. Otherwise the SLA terms and the validation result against the effective pipeline.

Parameters
NameInDescription
Authorization required header Bearer lat_...
Responses
CodeMeaning
200 My bilateral agreement, and whether the policy satisfies it
401 Missing or invalid access token.
POST /proxy/.well-known/latch-self/authorize

Ask for a policy decision without executing the request

Runs the pipeline against a hypothetical request and returns the decision, without calling the upstream and without using the credential. Use it to check a request before committing to it, or to drive UI that only offers actions the latch actually permits.

The method and path are canonicalized exactly as /proxy canonicalizes them, so a decision here matches what /proxy would do. (They diverged once; that was an auth bypass, and it is now a shared code path.)

Parameters
NameInDescription
Authorization required header Bearer lat_...
Responses
CodeMeaning
200 The decision. Note this is 200 even when the decision is deny: the endpoint answers the question successfully. A denial only becomes a 403 when you actually call /proxy.
401 Missing or invalid access token.
403 The latch itself is disabled or expired (as opposed to the request being denied).