skip to main content
Browse documentation

.NET

Verify Syncanix agent intents in ASP.NET Core 8+ — Minimal API and MVC — with a local HMAC check on every tool call.

The ASP.NET Core SDK supports Minimal API and MVC on .NET 8+. Register intent verification at startup and read the verified intent from the HttpContext in your endpoint or controller action.

Install

Add the package to your project with your language's package manager.

dotnet add package Syncanix.Sdk.AspNetCore

Configure the secret

The SDK verifies intents with your tenant's intent-signing secret. Store it as an environment variable — never commit it to source control — and load it where you register the SDK.

export SYNCANIX_SECRET="your-intent-signing-secret"

Verify intents

Register the SDK on the routes that expose agent actions. It verifies the X-Syncanix-Intent header before your handler runs, rejects any invalid or replayed call with a 403, and hands your handler the verified payload — including the acting tenant and user.

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddSyncanixIntent(
    secret: Environment.GetEnvironmentVariable("SYNCANIX_SECRET")!);

var app = builder.Build();
app.UseSyncanixIntentVerification(toolBasePath: "/tools");

app.MapPost("/tools/refund", (HttpContext ctx) =>
{
    var intent = ctx.GetSyncanixIntent()!;
    return Results.Ok(new { intent.TenantId, intent.UserId });
});

app.Run();
Verifying an intent on a tool route. On success the verified payload is available to your handler; on failure the SDK returns 403 before your code runs.

Next steps