Platform / Private Nodes

Monitor APIs and apps inside your network.

Deploy lightweight APIContext nodes behind your firewall to test internal APIs, private services, and employee-facing workflows without exposing sensitive systems to the public internet.

Docker deployOutbound-onlyPrivate APIsInternal workflowsEnterprise credentials
Private node · running in vpc-prod-eu-west-1Live · 12s ago
<5mto deploy the first node
0inbound firewall rules required
VPCcloud, hybrid, or on-prem
OTELtraces from inside the boundary
Inside the boundary

Run outside-in checks from inside your own infrastructure.

Private nodes execute the same synthetic journeys as cloud POPs, but originate from your network so internal APIs, staging environments, and restricted applications can be tested safely.

Private synthetic run · internal checkout workflowall private checks passing
private DNS
8ms
mTLS handshake
46ms
GET /inventory
138ms
POST /orders
224ms
assert business rule
18ms
OTEL export
31ms
Container-native deployment

Drop a lightweight runner into any private environment.

Run agents as Docker containers, scheduled jobs, or service workloads in your VPC, data center, Kubernetes cluster, or secure network segment.

Docker-first deployment
Kubernetes and VM friendly
Outbound connection to APIContext
No public exposure of internal endpoints
docker-compose.ymlTypeScript
services:
  apicontext-node:
    image: apicontext/private-node:latest
    environment:
      APICONTEXT_NODE_TOKEN: ${NODE_TOKEN}
      APICONTEXT_REGION: eu-west
    network_mode: bridge
    restart: unless-stopped
Behind-firewall monitoring

Test business-critical APIs customers and employees depend on.

Validate private applications, partner integrations, internal APIs, and remote employee workflows from the places where they actually run.

Internal API availability
Employee workflow checks
Partner and branch-office perspectives
Private DNS and network path validation
private topology · branch to origin
branch officevpn segmentprivate DNSinternal APIemployee appOTEL collector
Data control

Keep sensitive calls and credentials under your control.

Agents run inside your infrastructure using your enterprise credentials, secrets, and network policies. APIContext receives telemetry, not unrestricted access to your private services.

Use your identity and secret stores
Control who calls which services
Keep request paths inside your boundary
Send clean OTEL signal to your observability stack
access policy · private node
networkoutbound 443 onlyallowed
secretsvault-mounted tokencontrolled
targetsinternal allowlistscoped
telemetryOTEL spans onlyexported
Key Features

Everything you need in production.

Outbound-only

Agents connect out to APIContext, so private services do not need inbound public access.

Credential control

Use your own enterprise auth, vault, and network policy for private checks.

Hybrid coverage

Combine public cloud POPs with private locations for a complete customer-to-origin picture.

Internal synthetics

Run the same API, browser, and workflow checks against internal-only systems.

Topology-aware

Separate cloud, edge, origin, and private-network failures in a single journey.

OTEL-native

Forward traces, logs, metrics, and events from private runs to your existing tools.

Private-node telemetry flows into the same tools your teams already use

DatadogDynatraceSplunkGrafanaNew RelicHoneycombAkamaiPagerDutySlackOpsGenie

Start monitoring behind the firewall.

Deploy the first private node, point it at an internal API, and start validating restricted services without opening them to the internet.