skip to main content
Browse documentation

Spring Boot

Verify Syncanix agent intents in Spring Boot with auto-configured, servlet-filter intent verification.

The Spring Boot SDK auto-configures a servlet filter from your application configuration. Annotate tool endpoints with @SyncanixVerifyIntent and read the verified payload from the request attributes.

Install

Add the package to your project with your language's package manager.

implementation "ai.syncanix:syncanix-sdk-spring-boot"

Configure the secret

The SDK verifies intents with your tenant's intent-signing secret. Store it as an environment variable — never commit it to source control — and load it where you register the SDK.

export SYNCANIX_INTENT_SECRET="your-intent-signing-secret"

Verify intents

Register the SDK on the routes that expose agent actions. It verifies the X-Syncanix-Intent header before your handler runs, rejects any invalid or replayed call with a 403, and hands your handler the verified payload — including the acting tenant and user.

@RestController
@RequestMapping("/tools")
public class RefundController {

  @PostMapping("/refund")
  @SyncanixVerifyIntent
  public Map<String, String> refund(HttpServletRequest request) {
    IntentPayload intent =
        (IntentPayload) request.getAttribute(SyncanixIntentFilter.INTENT_ATTRIBUTE);
    return Map.of("tenantId", intent.getTenantId());
  }
}
Verifying an intent on a tool route. On success the verified payload is available to your handler; on failure the SDK returns 403 before your code runs.

Next steps