execute_api_call
Execute HTTP requests with API keys stored in a secure vault, requiring biometric approval for each call to prevent credential exposure.
Instructions
Make an API call using a credential stored in SynAuth's vault.
This is the core structural enforcement tool: the agent provides the request details, SynAuth requests biometric approval, then executes the call with the stored credential. The agent never sees the raw API key or token.
Flow:
You provide: service name, HTTP method, URL, optional headers and body
SynAuth sends a push notification to the user's iPhone
User approves via Face ID
SynAuth injects the stored credential and makes the HTTP request
Response is returned to you
The URL must match one of the service's allowed hosts (security: prevents credential exfiltration). Each approval is single-use — you cannot re-execute the same approved request.
Example: Call OpenAI API service_name: "openai" method: "POST" url: "https://api.openai.com/v1/chat/completions" headers: {"Content-Type": "application/json"} body: '{"model": "gpt-4", "messages": [{"role": "user", "content": "Hello"}]}'
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| service_name | Yes | Name of the vault service (use list_vault_services to see available) | |
| method | Yes | HTTP method | |
| url | Yes | Full URL to call (host must be in service's allowed_hosts) | |
| headers | No | Additional headers (auth header is injected automatically) | |
| body | No | Request body (typically JSON string for POST/PUT/PATCH) | |
| description | No | Human-readable description shown in the approval prompt | |
| timeout_seconds | No | Max seconds to wait for approval (default: 120) |