CLI

gateway

HTTP API server with pairing authentication

usage

baihu gateway

starts the webhook/API server. binds to 127.0.0.1:3000 by default.

pairing

on first connect, the gateway prints a 6-digit OTP to the terminal. send it via:

curl -X POST http://localhost:3000/pair \
  -H "X-Pairing-Code: 123456"

response includes a bearer token for all subsequent requests:

curl http://localhost:3000/api/chat \
  -H "Authorization: Bearer bh_..." \
  -H "Content-Type: application/json" \
  -d '{"message": "hello"}'

security

binds to localhost only by default
refuses 0.0.0.0 unless a tunnel is configured
5 wrong pairing attempts triggers 5-minute lockout
constant-time comparison prevents timing attacks
bearer tokens use bh_ prefix

configuration

[gateway]
port = 3000
auto_pair = false

daemon

full runtime with all subsystems

doctor

system diagnostics

On this page

usage pairing security configuration