The least-privilege wrapper for modern APIs

Shrink any API to exactly
what your agent needs.

Narrow API wraps third-party APIs in scoped, safe proxy endpoints. Your agent gets a single URL and token—your credentials never leave the server.

Start building See how it works 
{
  "name": "Send welcome email",
  "method": "POST",
  "target_url": "https://api.resend.com/emails",
  "auth_type": "bearer",
  "auth_value": "re_abc...secret",

  // Agent can only set "to" — from, subject, and body are protected
  "input_schema": [
    { "name": "to", "type": "string", "required": true }
  ]
}
AES-256 encrypted Every call logged Credentials never exposed OpenAPI native

From full API to safe tool in minutes

Pre-built templates for the APIs your agents actually use. Define once, share a scoped endpoint.

POST Send email via Resend
Target api.resend.com/emails
Agent sees
to subject body
Locked
API key from address

Agent can send emails but can't change the sender, access the API key, or hit any other Resend endpoint.

POST Issue Stripe refund
Target api.stripe.com/v1/refunds
Agent sees
charge_id amount reason
Locked
Secret key Account ID

Agent can issue refunds for specific charges but can't access balances, customers, or any other Stripe resource.

Three steps to safe agent access

01

Define the action

Pick the API, lock credentials server-side, and declare which input fields the agent can fill in.

02

Create a scoped token

Generate a token that grants access to just the actions you choose. Revoke it any time with one click.

03

Hand the URL to your agent

Your agent calls POST /x/:id with the token. Narrow API validates, proxies, and logs every call.

Minimal surface area. Maximum control.

Constrain parameters. Prevent surprises. Every feature exists to give you control over what your agents can do—and visibility into what they actually did.

Full audit log

Every proxy call is logged with request body, response status, duration, and IP. Filter by status, time window, and paginate through history.

Instant kill switch

Revoke any token or deactivate any action immediately. Access stops within milliseconds—no waiting, no stale caches.

Scoped tokens

Each token grants access to specific actions only. An agent with a send-email token can't trigger a refund—even if it knows the endpoint.

Rate limiting

Set per-minute and per-hour limits on every action. If an agent enters a loop, rate limiting stops it before real damage happens.

Input validation

Define required fields, types, and schemas. Invalid payloads are rejected at the proxy before they ever reach the downstream API.

Encrypted at rest

API keys and auth headers are AES-256-GCM encrypted. They exist only on the server—never in agent prompts, logs, or network traffic.

Terminal
$ curl -X POST https://narrowapi.com/api/v1/actions \
-H "Authorization: Bearer sk_..." \
-d '{"name":"Send email", ...}'
{"id":"act_7kX2m9","status":"active"} 200 OK
$ curl -X POST https://narrowapi.com/api/v1/tokens \
-H "Authorization: Bearer sk_..." \
-d '{"action_ids":["act_7kX2m9"]}'
{"token":"sxt_Dk9m2x..."} 201 Created
Agent-native

Configured by agents,
for agents

Narrow API exposes a full management API with OpenAPI spec and llms.txt discovery. Your coding agent can create actions, issue tokens, and set up everything it needs—programmatically.

  • Full REST API for actions, tokens, and API keys
  • OpenAPI spec at /.well-known/openapi.json
  • One-click setup prompt for Claude, Cursor, and other agents
  • Agents self-service; you stay in control

Make the narrow path the only path

Without Narrow API
  • Raw API keys in agent prompts
  • Full API surface exposed
  • No visibility into what the agent did
  • Can't revoke without rotating API keys
  • No rate limits if agent enters a loop
With Narrow API
  • Credentials encrypted server-side
  • Only the fields you define are exposed
  • Full audit trail of every execution
  • Revoke a token in one click, instantly
  • Built-in rate limiting catches runaway agents

Stop giving agents the keys to the kingdom

Create your first scoped action in under a minute. Free to start, no credit card required.

Get started free

Already have an account? Sign in