Agent ExplorerBeta

Proxy API

The Proxy API routes A2A requests through the Agent Explorer server, bypassing browser CORS restrictions.

Why Use the Proxy?

Browsers enforce CORS (Cross-Origin Resource Sharing) restrictions. If an agent doesn't allow cross-origin requests from your Agent Explorer origin, you'll see:

Access to fetch at 'https://agent.example.com' has been blocked by CORS policy

The proxy routes requests server-side, avoiding this restriction entirely.

Endpoint

POST /api/proxy

Request Format

{
  "url": "https://agent.example.com/message/send",
  "method": "POST",
  "headers": {
    "Content-Type": "application/json",
    "Authorization": "Bearer token"
  },
  "body": {
    "jsonrpc": "2.0",
    "method": "message/send",
    "id": "1",
    "params": { "message": { ... } }
  }
}

Response

The proxy transparently returns the agent's response:

{
  "jsonrpc": "2.0",
  "id": "1",
  "result": { ... }
}

When to Use

  • Direct requests fail with CORS errors
  • The agent is on a different domain or localhost
  • Testing during development

When NOT to Use

  • The agent already supports CORS for your origin
  • You need direct WebSocket connections
  • Streaming SSE (streaming works better with direct connections)

Security Notes

  • The proxy only forwards requests from authenticated users
  • All proxied requests pass through your Agent Explorer server and are logged
  • Do not use for production traffic volume — use it for testing only