602TechSec Active
Documentation

602TechSec API Documentation

Complete guide for integrating with the 602TechSec security verification API

Getting Started

Welcome to the 602TechSec API documentation. Our security verification API helps protect your applications from malicious traffic and unauthorized access.

API Versions: We currently support API v1 (legacy) and v2 (recommended). New integrations should use v2.

Base URLs

Environment Base URL Description
Production https://sec.602.tech Live production environment
Sandbox https://sandbox.sec.602.tech Testing environment

Authentication

All API requests require authentication using an API key. You can obtain your API key from the admin panel or use our self-service widget.

Authentication Methods

Header Authentication (Recommended)
X-API-Key: your-api-key-here
Query Parameter
?apiKey=your-api-key-here

API v1 (Legacy)

Legacy Version: API v1 is deprecated but still supported. Please migrate to v2 for new projects.

Endpoint

POST /api/verify

Request Format

{
  "ipAddress": "192.168.1.100",
  "hostName": "example.com",
  "requestPath": "/login",
  "userAgent": "Mozilla/5.0..."
}

Example Request (cURL)

curl -X POST https://sec.602.tech/api/verify \
  -H "Content-Type: application/json" \
  -H "X-API-Key: your-api-key-here" \
  -d '{
    "ipAddress": "192.168.1.100",
    "hostName": "example.com",
    "requestPath": "/login"
  }'

Response Format

{
  "isAllowed": true,
  "reason": "Request allowed",
  "riskScore": 2,
  "timestamp": "2024-01-15T10:30:00Z"
}

API v2 (Current)

Recommended Version: API v2 offers enhanced security features and better performance.

Endpoint

POST /api/v2/verify

Request Format

{
  "ipAddress": "192.168.1.100",
  "hostName": "example.com",
  "requestPath": "/login",
  "userAgent": "Mozilla/5.0...",
  "requestId": "req_12345",
  "additionalHeaders": {
    "X-Forwarded-For": "203.0.113.1"
  },
  "requestMethod": "POST",
  "contentLength": 1024
}

Example Request (cURL)

curl -X POST https://sec.602.tech/api/v2/verify \
  -H "Content-Type: application/json" \
  -H "X-API-Key: your-api-key-here" \
  -d '{
    "ipAddress": "192.168.1.100",
    "hostName": "example.com",
    "requestPath": "/login",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
    "requestId": "req_12345",
    "requestMethod": "POST"
  }'

Response Format

{
  "isAllowed": true,
  "reason": "Request allowed - clean IP and valid hostname",
  "riskScore": 2,
  "timestamp": "2024-01-15T10:30:00Z",
  "requestId": "req_12345",
  "securityFlags": {
    "isVpn": false,
    "isProxy": false,
    "isBot": false,
    "isTor": false
  },
  "geoLocation": {
    "country": "US",
    "region": "CA",
    "city": "San Francisco"
  },
  "rateLimitInfo": {
    "remaining": 998,
    "resetTime": "2024-01-15T11:00:00Z"
  }
}

Error Handling

The API uses standard HTTP status codes to indicate success or failure.

Status Code Meaning Description
200 OK Request successful
400 Bad Request Invalid request format
401 Unauthorized Invalid or missing API key
403 Forbidden API key doesn't have required permissions
429 Too Many Requests Rate limit exceeded
500 Internal Server Error Server error occurred

Error Response Format

{
  "error": {
    "code": "INVALID_API_KEY",
    "message": "The provided API key is invalid or has been revoked",
    "timestamp": "2024-01-15T10:30:00Z",
    "requestId": "req_12345"
  }
}

Rate Limiting

API requests are subject to rate limiting based on your API key configuration.

Default rate limit is 1000 requests per hour per API key. Contact support for higher limits.

Rate Limit Headers

Header Description
X-RateLimit-Limit Total requests allowed per hour
X-RateLimit-Remaining Requests remaining in current window
X-RateLimit-Reset Time when rate limit resets (Unix timestamp)

Code Examples

API v2 with cURL

#!/bin/bash

# Basic verification request
curl -X POST https://sec.602.tech/api/v2/verify \
  -H "Content-Type: application/json" \
  -H "X-API-Key: your-api-key-here" \
  -d '{
    "ipAddress": "192.168.1.100",
    "hostName": "example.com",
    "requestPath": "/api/data",
    "userAgent": "MyApp/1.0",
    "requestId": "req_' $(date +%s) '"
  }'

JavaScript/Node.js Example

// API v2 Example
const axios = require('axios');

async function verifyRequest(ipAddress, hostName, requestPath) {
  try {
    const response = await axios.post('https://sec.602.tech/api/v2/verify', {
      ipAddress: ipAddress,
      hostName: hostName,
      requestPath: requestPath,
      userAgent: 'MyApp/1.0',
      requestId: `req_${Date.now()}`,
      requestMethod: 'GET'
    }, {
      headers: {
        'Content-Type': 'application/json',
        'X-API-Key': 'your-api-key-here'
      }
    });
    
    const result = response.data;
    console.log('Verification result:', result);
    return result.isAllowed;
  } catch (error) {
    console.error('Verification failed:', error.message);
    return false; // Fail-safe: deny on error
  }
}

// Usage
verifyRequest('192.168.1.100', 'example.com', '/api/data');

C# Example

using System;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;

public class TechSec602Client
{
    private readonly HttpClient _httpClient;
    private readonly string _apiKey;
    private readonly string _baseUrl;

    public TechSec602Client(string apiKey, string baseUrl = "https://sec.602.tech")
    {
        _apiKey = apiKey;
        _baseUrl = baseUrl;
        _httpClient = new HttpClient();
        _httpClient.DefaultRequestHeaders.Add("X-API-Key", apiKey);
    }

    public async Task VerifyRequestAsync(string ipAddress, string hostName, string requestPath)
    {
        try
        {
            var request = new
            {
                ipAddress = ipAddress,
                hostName = hostName,
                requestPath = requestPath,
                userAgent = "MyApp/1.0",
                requestId = $"req_{DateTimeOffset.UtcNow.ToUnixTimeSeconds()}",
                requestMethod = "GET"
            };

            var json = JsonConvert.SerializeObject(request);
            var content = new StringContent(json, Encoding.UTF8, "application/json");

            var response = await _httpClient.PostAsync($"{_baseUrl}/api/v2/verify", content);
            
            if (response.IsSuccessStatusCode)
            {
                var responseJson = await response.Content.ReadAsStringAsync();
                var result = JsonConvert.DeserializeAnonymousType(responseJson, new { isAllowed = false });
                return result.isAllowed;
            }
            
            return false; // Fail-safe
        }
        catch (Exception ex)
        {
            Console.WriteLine($"Verification error: {ex.Message}");
            return false; // Fail-safe
        }
    }
}

Python Example

import requests
import time
import json

class TechSec602Client:
    def __init__(self, api_key, base_url="https://sec.602.tech"):
        self.api_key = api_key
        self.base_url = base_url
        self.session = requests.Session()
        self.session.headers.update({
            'Content-Type': 'application/json',
            'X-API-Key': api_key
        })

    def verify_request(self, ip_address, host_name, request_path):
        """
        Verify a request using API v2
        """
        try:
            payload = {
                'ipAddress': ip_address,
                'hostName': host_name,
                'requestPath': request_path,
                'userAgent': 'MyApp/1.0',
                'requestId': f'req_{int(time.time())}',
                'requestMethod': 'GET'
            }
            
            response = self.session.post(
                f'{self.base_url}/api/v2/verify',
                json=payload,
                timeout=5
            )
            
            if response.status_code == 200:
                result = response.json()
                return result.get('isAllowed', False)
            else:
                print(f"API error: {response.status_code}")
                return False
                
        except requests.RequestException as e:
            print(f"Request failed: {e}")
            return False  # Fail-safe

# Usage
client = TechSec602Client('your-api-key-here')
is_allowed = client.verify_request('192.168.1.100', 'example.com', '/api/data')
print(f"Request allowed: {is_allowed}")

Client Libraries

We provide official client libraries to make integration easier:

VB.NET / C#

Full-featured client libraries for .NET Framework and .NET Core

Download
API Key Widget

Embeddable widget for customer self-service API key management

Try Demo
Integration Examples

Ready-to-use examples for various frameworks and platforms

View Examples

© 2026 - 602TechSec Security Platform | Request ID: 8DE64DDC46E2A69 | Processed: 2026-02-05 17:41:17 UTC

Secured by 602TechSec | API Docs