Open source · Free tier · No vendor lock-in

Share API access without sharing keys

Presign generates secure, time-limited URLs for any API. Your keys stay encrypted — recipients only get the access they need.

Get StartedLearn more
GET /api/proxy/conn_abc123/v1/chat/completions
    ?X-Presign-Expires=1775306655
    &X-Presign-Methods=POST
    &X-Presign-Paths=v1/*
    &X-Presign-Signature=fb589bf1...e32602

Keys never leave the server

API keys are AES-256 encrypted at rest. Presigned URLs use HMAC-SHA256 signatures — no credentials are ever exposed to end users.

Real-time monitoring

Track every proxied request live. Filter by connection, see status codes, response times, and error rates at a glance.

Fine-grained access rules

Restrict by HTTP method, URL path pattern, and expiration time. Every URL only grants exactly the access you define.

Three steps to secure API sharing

1

Pick a provider from the API Store

Choose from preconfigured providers like OpenAI, Groq, Anthropic, and more — or add any custom API.

2

Generate a presigned URL

Select allowed methods, path patterns, and expiration. The URL is signed client-side — your signing secret never hits the network.

3

Share the link, keep control

Hand out the URL to teammates, scripts, or apps. Monitor usage in real time and let it expire automatically.

Built on

CF Cloudflare Workers D1 SQLite at the edge AES 256-bit encryption HMAC SHA-256 signatures

Frequently Asked Questions

What is Presign?

Presign is an open-source service that generates secure, time-limited presigned URLs for any HTTP API. It lets you share API access with teammates, scripts, or applications without exposing your API keys. Keys are AES-256 encrypted at rest, and URLs use HMAC-SHA256 signatures.

How does Presign work?

You store your API key in Presign (encrypted with AES-256), then generate a presigned URL with specific permissions: allowed HTTP methods, URL path patterns, and an expiration time. The URL is signed with HMAC-SHA256 using your signing secret. When someone uses the URL, Presign verifies the signature and proxies the request to the API.

Is Presign free?

Yes. Presign offers a free tier with 3 API connections and 1,000 requests per month. No credit card required. Pro and Enterprise plans are available for teams needing more capacity.

What APIs does Presign support?

Presign works with any HTTP API. The API Store includes preconfigured providers like OpenAI, Anthropic, Groq, and more. You can also add any custom API by providing its base URL.

Is Presign secure?

Yes. API keys are encrypted with AES-256 at rest and never leave the server. Presigned URLs use HMAC-SHA256 signatures and can be restricted by HTTP method, path pattern, and expiration time. The service runs on Cloudflare Workers at the edge.

How is Presign different from API gateways?

Unlike traditional API gateways, Presign focuses specifically on presigned URL generation. URLs are self-contained with their permissions encoded in the signature — no session state, no token refresh, no SDK required. Recipients just use a plain URL.

Start sharing APIs securely

Free forever for small projects. No credit card required.

Get StartedAPI Store