Log in

We carry the traffic. You ship.

Origin shield for APIs

An origin shield for your API.

Clients connect to EchoRelay, never to your origin. We authenticate, validate, rate-limit, and allowlist at the edge, so your real servers stay off the public map.

Why EchoRelay

Less to build, less to run.

Your servers, invisible

Callers reach us; your infrastructure never takes a public hit and stays off the map.

Screened at the edge

Requests are authenticated and validated against your schema, with rate-limits and allowlists in front — malformed or abusive traffic stops here.

Flood protection, stated honestly

We rate-limit and allowlist so bursts hit us first — flood protection, not a scrubbing CDN, and we don’t absorb volumetric attacks for you.

Questions

Answered, honestly.

What is an origin shield for an API?
It is a layer in front of your API that receives all client traffic so your origin servers never take a direct public hit. Authentication, validation, and rate-limiting happen at the edge.
Is an origin shield the same as DDoS mitigation?
No. We rate-limit and allowlist so bursts and abuse hit us first, but we are not a scrubbing CDN and don’t absorb volumetric attacks for you. Flood protection is the honest term.
Do you verify webhook signatures for me?
We authenticate inbound traffic with a project key you mint, validate payloads against your schema, and dedupe — but per-provider HMAC signature verification isn’t something we do today.

Connect everything. Build nothing.

No credit card required.

Currency: