Anonymous sandbox
The anonymous sandbox lets anyone try prxy.monster without a signup or a credit card. Each session can run a small fixed number of real Bedrock Nova Micro calls and emits signed public_demo receipts.
Sandbox is for evaluation only. Do not paste secrets, private code, or customer data — sandbox receipts are public_demo by design.
POST /v1/anon/sessions
Create a new sandbox session.
POST /v1/anon/sessions
Content-Type: application/json
{}Response:
{
"session_id": "1d2cf0fa-...",
"anon_token": "anon_...",
"request_limit": 5,
"requests_used": 0,
"expires_at": "2026-05-07T22:00:00.000Z"
}The anon_token authenticates subsequent calls in this session. Bare anon tokens never persist at rest — the gateway stores only anon_key_hash, ip_hash, and counters.
Use the anon token for inference
POST /v1/messages
Authorization: Bearer anon_xxx
Content-Type: application/json
{
"model": "us.amazon.nova-micro-v1:0",
"max_tokens": 200,
"messages": [{ "role": "user", "content": "Say hi" }]
}The response carries the standard receipt headers. Receipts are persisted with:
visibility: public_demoenvironment: demouser_id: null,api_key_id: nulltenant_id,project_id,agent_idhidden on the public surface.
GET /v1/anon/sessions/:session_id/receipts
List the receipts emitted under this session.
GET /v1/anon/sessions/<session_id>/receipts
Authorization: Bearer anon_xxxResponse uses snake_case and returns the receipt rows persisted under this session.
Claiming sandbox receipts after sign-up
If a sandbox session is active and the user signs up for prxy.monster, the sign-up flow can call the claim endpoint to associate those sandbox receipts with the new account:
POST /api/anon/claim
Content-Type: application/json
Authorization: Bearer <fresh-prxy-key>
{ "session_id": "1d2cf0fa-..." }The receipts themselves are never mutated — the original signature stays valid forever. The link lives in the sidecar anonymous_session_receipt_claims table, which lair joins when listing transactions for the converted user.
Errors
| Status | Code | Cause |
|---|---|---|
| 400 | invalid_session_id | UUID malformed. |
| 401 | invalid_anon_token | Token missing, malformed, or revoked. |
| 410 | session_expired | expires_at has passed. |
| 429 | request_limit_exceeded | The session has consumed its request_limit. |
Privacy
- Bare anon tokens never persist at rest; only their sha-256 hash plus an
ip_hashand counters. - Sandbox receipts are
public_demo; the public surface hides tenant / project / agent / customer / IP / trace ids. - The signature stays verifiable — anyone can prove the call happened, no one can identify the caller.
- Sandbox usage does not feed foundation-model training. We do not train on customer content.