Quickstart Guide

Follow these steps to secure your first API key and route a request through the Ephos Identity Broker.

01 Create Your Vault

Sign in to the Ephos Dashboard. Upon your first login, you will be prompted to create a Master Passphrase. This passphrase is used to derive your encryption keys locally; it is never stored on our servers.

02 Add a Phantom Key

Navigate to the Vault tab and click "Add Key." Paste your raw API secret (e.g., an OpenAI key) and give it a label. Your browser will encrypt the key before it is sent to our Secure Enclave.

03 Mint an Ephos Token

Click on your new Phantom Key and select "Mint Token." Define the scope:

Allowed Domains: `api.openai.com`
Label: "Production Chatbot"

Copy the resulting token (it will look like `et_live_...`).

04 Route a Request

Instead of calling the API directly, route your request through our Gateway. Use the Ephos Token in your headers, and specify the target URL in the request body.

curl -X POST https://auth.phantom-projects.com/api/vault/execute \
  -H "X-Ephos-Token: et_live_your_token" \
  -H "X-Ephos-Derived-Key: [your_derived_key_base64]" \
  -H "Content-Type: application/json" \
  -d '{
    "service": "OpenAI [PROD]",
    "targetUrl": "https://api.openai.com/v1/chat/completions",
    "method": "POST",
    "body": {
      "model": "gpt-4",
      "messages": [{"role": "user", "content": "Secure hello!"}]
    }
  }'
      

05 Verify Audit Logs

Go to the Audit Logs tab in the dashboard. You should see a new entry showing the successful proxy request, including the timestamp, target domain, and the specific Ephos Token used.