Skip to main content
AvailableFor developers integrating directly

Build private access directly into your product.

Protect resources and mint portal links from your product with the Go, TypeScript, and Python SDKs — or the REST API.

The usual way to do this is leaky

Reaching a private resource from API usually means one of these workarounds — each of which leaves something standing that shouldn’t be.

  • Hand-rolled token systems with their own expiry and revocation
  • Reverse proxies and allowlists maintained by hand
  • Reusable links that leak from logs and chat history

Verify the requester, then open one private route

Requester

A API user or agent asks for access to a private resource.

LayerV

Identity and policy are verified before anything becomes reachable.

Private resource

Connected to LayerV with no public inbound path of its own.

Temporary route

A single-use, identity-bound qURL opens for the approved requester, then expires.

Real code you can run today

client, err := qurl.OpenClient()

resource, err := client.ProtectURL(ctx,
    "https://dashboard.internal.acme.com")

portal, err := resource.CreatePortal(ctx,
    qurl.ValidFor(time.Hour))

fmt.Println(portal.Link) // the qURL to share

From zero to first access

  1. 1

    Get an API key

    Create a key in the dashboard with qurl:write scope.

  2. 2

    Protect a URL, get a portal

    POST /v1/qurls with a target_url and an expiry.

  3. 3

    Share the portal link

    Hand out the returned qurl_link — single-use, identity-bound, expiring.

  4. 4

    Resolve or revoke

    Agents resolve via /v1/resolve; revoke any token with DELETE.

Available now, and what isn’t yet

Works today

  • Stable REST API at api.layerv.ai (sandbox at api.layerv.xyz)
  • Go SDK — go get github.com/layervai/qurl-go/qurl
  • TypeScript SDK — npm install @layervai/qurl
  • Python SDK — pip install qurl-python
  • Access policy: IP, geo, and AI-agent rules
  • Interactive playground with live calls