Skip to Content
Engineering11 Documentation 🔥
BackendServer API PackagesSecurity

Security API

JWT token management and threat intelligence validation with IPQS integration.

What It Does

The Security API provides two core security capabilities: secure JWT token creation/verification using cloud-managed RSA keys, and comprehensive threat intelligence validation for emails, IP addresses, and URLs through integration with IP Quality Score (IPQS). This enables applications to authenticate users securely and validate user-supplied data for fraud and safety.

Key Capabilities

CapabilityDescription
JWT Token ManagementSign and verify JWTs using RS256 with cloud-stored private keys
Email ValidationDetect disposable emails, spam traps, and compromised accounts
IP Address IntelligenceIdentify proxies, VPNs, Tor, bots, and fraudulent IP addresses
URL Safety CheckingDetect malware, phishing, spam, and adult content in URLs
Cloud Secret IntegrationAutomatic key retrieval from Google Cloud Secrets Manager
Fraud ScoringMulti-dimensional fraud risk scores for emails, IPs, and URLs
Geolocation DataIP address geolocation with ISP and ASN information
Domain IntelligenceDomain age, velocity, and reputation scoring

Configuration

JWT Configuration

  • Keyring ID: Default ‘jwt’
  • Signing Key: Default ‘base-signing-key’
  • Algorithm: RS256 (RSA with SHA-256)
  • Options: Audience, expiration, clock tolerance

IPQS Configuration

  • Base URL: https://www.ipqualityscore.com/api/json
  • API Key: Retrieved from ‘ipqs_access_key’ secret
  • Services: Email, IP, URL validation

Error Types

  • INVALID_URL - Invalid URL validation
  • KEY_NOT_FOUND - Missing IPQS API key

Exports

Services

  • JWTService - JWT signing and verification
  • IPQSService - Core IPQS API integration
  • EmailLookUpService - Email validation wrapper
  • IPLookUpService - IP validation wrapper
  • URLLookUpService - URL validation wrapper

Models

  • IIPQSEmailResult - Email validation response
  • IIPQSIpResult - IP validation response
  • IIPQSURLResult - URL validation response

Constants

  • IPQS_SERVICES_TYPES - Service type enum
  • Error type constants

Common Use Cases

  • User registration: Validate email addresses for fraud and quality
  • Login security: Check IP addresses for VPN, proxy, and bot activity
  • Link sharing: Validate URLs before allowing users to post links
  • Fraud prevention: Screen new accounts with multi-factor validation
  • API authentication: Issue and verify JWT tokens for API access
  • Content moderation: Detect and block malicious URLs in user content
  • Account security: Monitor for compromised email addresses
  • Geolocation-based features: Restrict access based on IP geolocation

What Customers Don’t Have to Build

  • JWT signing and verification infrastructure
  • Private key management and rotation
  • Email validation and fraud detection
  • IP address geolocation and threat intelligence
  • URL safety checking and categorization
  • Proxy, VPN, and Tor detection
  • Bot and crawler identification
  • Spam trap and disposable email detection
  • Data breach exposure checking
  • Domain reputation scoring
  • Fraud risk scoring algorithms
  • IPQS API integration and error handling
  • Cloud Secrets Manager integration
  • RS256 cryptographic operations
  • Token expiration and audience validation
  • Threat intelligence database access
Last updated on
LoggingTypes