Skip to main content
Tinfoil’s SecureClient verifies the enclave before sending any data — same attestation flow as Tinfoil’s inference API. Every request is authenticated against the container’s attestation report and TLS certificate. You need two values to connect:
  • <CONTAINER_URL> — your container’s hostname (e.g. myapp.myorg.containers.tinfoil.dev)
  • <CONFIG_REPO> — the GitHub repo linked to your container, in org/repo format

GET requests

from tinfoil import SecureClient

client = SecureClient(
    enclave="<CONTAINER_URL>",
    repo="<CONFIG_REPO>",
)

# Attestation is verified automatically
response = client.get("https://<CONTAINER_URL>/<YOUR_ENDPOINT>")
print(response.status_code)

POST requests

import json
from tinfoil import SecureClient

client = SecureClient(
    enclave="<CONTAINER_URL>",
    repo="<CONFIG_REPO>",
)

response = client.post(
    "https://<CONTAINER_URL>/<YOUR_ENDPOINT>",
    headers={"Content-Type": "application/json"},
    body=json.dumps({"key": "value"}).encode(),
)
print(response.status_code)
print(response.body.decode())
The client verifies the enclave is running the expected code from the pinned repo, then pins the TLS certificate for all subsequent requests. If anything doesn’t match, the connection fails.

Using the local proxy

You can also connect to your container with the standalone Tinfoil Proxy CLI (tinfoil-proxy), which runs a local reverse proxy that verifies attestation and forwards requests: 
tinfoil-proxy \
  -e <CONTAINER_URL> \
  -r <CONFIG_REPO> \
  -p 3301
Then send requests to http://localhost:3301 as if it were your container: 
curl http://localhost:3301/<YOUR_ENDPOINT> \
  -H "Content-Type: application/json" \
  -d '{"key": "value"}'
For one-off requests without running a proxy, use tinfoil http: 
tinfoil http post https://<CONTAINER_URL>/<YOUR_ENDPOINT> \
  -e <CONTAINER_URL> \
  -r <CONFIG_REPO> \
  -H "Content-Type: application/json" \
  -b '{"key": "value"}'
Add any other request headers with repeatable -H, --header flags, such as -H "Authorization: Bearer <TOKEN>". If you’ve logged in with tinfoil login, use tinfoil container connect <name> to skip looking up the container URL and config repo by hand — the CLI resolves both from the container name and starts the same verified proxy: 
tinfoil container connect my-api -p 3301
See Managing containers from the CLI for the rest of the management surface.
Debug mode containers do not pass attestation. This is by design — debug enclaves trade confidentiality for inspectability.