Authentication & Entitlement

Lavender Gateway runs locally and serves REST endpoints on localhost:2112. No API key or token is required on individual requests.

How Entitlement Works

Access is configured at the gateway level, not per-request. When you subscribe, you download Lavender.exe, run it, and enter the email associated with your subscription. All REST calls served by your gateway work without any authentication headers.

Migrating from a Vendor

Because the gateway runs on localhost, any vendor API keys or auth headers in your existing code stay on your machine — they are never sent to an external server. The gateway accepts and ignores them, so you don't need to remove them:

curlPythonJavaScript

curl "http://localhost:2112/l1/greeks?root=AAPL&format=json"

import pandas as pd

df = pd.read_csv(
    "http://localhost:2112/l1/greeks?root=AAPL&format=csv")
print(df.head())

const response = await fetch(
  "http://localhost:2112/l1/greeks?root=AAPL&format=json"
);
const data = await response.json();
console.log(data);

Your vendor credentials stay local

If your existing code sends auth headers or API key parameters, the gateway accepts and ignores them. Since it runs on localhost, your vendor credentials never leave your machine.