Skip to main content

Browser Demo Auth

Use the browser-demo path when you want the FastNear docs UI to send authenticated requests on your behalf while you explore the API surface.

Good fit

  • Personal exploration in the docs.
  • Local development where you are testing request shapes.
  • Short-lived demos with your own browser session.

Not a good fit

  • Production web apps.
  • Shared kiosks or shared browsers.
  • Agent runtimes that other users can inspect.
  • Any workflow where the browser should not have direct access to the credential.

How the docs flow works

  • The docs UI can read ?apiKey= from the URL for immediate overrides.
  • The in-browser manager can also store your key in localStorage for convenience during docs exploration.
  • Supported FastNear docs pages append the API key when they make requests to FastNear endpoints.

Security guidance

  • Assume any browser-stored key is recoverable by the person controlling that browser.
  • Do not treat browser storage as a production secret store.
  • Clear saved keys after demos on machines you do not fully control.
  • Prefer the production-backend track as soon as traffic leaves your laptop.

Safe-ish demo checklist

  1. Use a personal key, not a shared team credential.
  2. Keep the key scoped to docs exploration and low-risk test traffic.
  3. Remove the saved key after the session if the machine is not dedicated to you.
  4. Move any real application or agent traffic to a backend before launch.

Troubleshooting

The docs page is still acting unauthenticated

  • Confirm the page is a FastNear surface that supports API-key forwarding.
  • Refresh the page after saving the key.
  • Check whether the URL contains an overriding ?apiKey= value.

I do not want the key stored in the browser

Use a short-lived ?apiKey= URL override for a session, or skip the browser flow entirely and use the backend pattern.

My agent needs this key

Do not give the agent a browser-managed credential. Use the Production Backend pattern instead.