PLATFORM

Every piece a translation layer needs. Nothing it doesn't.

REST↔SOAP. gRPC↔REST. JSON↔XML. Route chains, canary rollouts, and the Cloud Connector, in three deployments from one codebase.

CAPABILITY 01 · PROTOCOL TRANSLATION

Any protocol in.
Any protocol out.

trAPIoka speaks five protocols natively, in both directions. A REST caller can reach a SOAP service. A GraphQL client can fan out to gRPC. The route defines which goes where; neither end knows the other exists.

  • WSDL imported and indexed automatically; operations exposed as REST paths
  • gRPC reflection or .proto descriptors picked up on startup
  • GraphQL queries resolved across multiple typed backends
  • JSON-RPC bridged to and from any of the above

Protocol compatibility matrix (● = supported)
in (rows): REST, gRPC, SOAP, GraphQL, JSON-RPC
out (columns): REST, gRPC, SOAP, GraphQL, JSON-RPC, SSH (single-shot), SSH (interactive), SQL, Mongo, PowerShell

caller speaks

// REST · the modern caller
GET /v2/payments/482
Accept: application/json

// response
{
  "id": "482",
  "amount": 2400,
  "status": "posted"
}

target hears

<!-- SOAP · the legacy core -->
<soap:Envelope>
 <soap:Body>
  <GetPmt>
   <id>482</id>
  </GetPmt>
 </soap:Body>
</soap:Envelope>

-- transformations.lua  ·  reusable, hot-reloadable

function redact_pii(body)
  body.ssn        = mask.last4(body.ssn)
  body.dob        = nil
  body.email      = redact.email(body.email)
  body.address.zip = body.address.zip:sub(1,3).."**"
  return body
end

function flatten_soap(xml)
  local r = xml.path("//GetPmtResponse/result")
  return {
    id      = r.id,
    amount  = tonumber(r.amount_cents) / 100,
    status  = r.state:lower(),
    posted_at = iso8601(r.txn_ts)
  }
end

CAPABILITY 02 · PAYLOAD TRANSFORMATION

Reshape, redact, validate, in flight.

Most transformations are declarative: rename, drop, retype, validate against a schema. For everything else, run a Lua or JavaScript function. Hot-reload in under five seconds, no restart, no traffic interruption.

  • Format conversion: JSON ↔ XML ↔ Protobuf ↔ raw text, in any direction
  • Schema validation against OpenAPI, XSD, or .proto before forwarding
  • Parse free-form text (SSH output, mainframe records) into typed JSON
  • Sandboxed scripting: no filesystem, no network egress, CPU-bounded

CAPABILITY 03 · SECURITY ENFORCEMENT

A WAF and an auth layer in one binary.

Block SQL injection, XSS, and your own threat signatures before they reach an upstream. Redact PII automatically on responses. Authenticate inbound and outbound, with totally different schemes, in the same route.

  • Inbound auth: API key, JWT (any IdP), mTLS, OAuth2, basic, SigV4, custom
  • Outbound auth: same set, freely mixed per upstream
  • Threat signatures: OWASP CRS bundled, custom rules in YAML
  • PII redaction: jsonpath, regex, or callout to your DLP service

request · 7c1a4f… · /v2/payments/482 · 200 · 0.84ms

+0.00ms  TLS handshake · client mTLS verified  [cert OU=web-checkout]
+0.08ms  JWT validated · scope check  [iss=auth.acme aud=payments]
+0.11ms  WAF · OWASP CRS + custom rules  [17 rules · pass]
+0.14ms  rate limit · 200/s per client.ip  [14/200 ok]
+0.18ms  transform request · json → soap  [soap.xml/v1.2.xsl]
+0.21ms  upstream call · SOAP/WSSE  [core.internal · 0.46ms]
+0.71ms  transform response · xml → json  [jsonpath.lua]
+0.78ms  redact · $.account.ssn, $..cvv  [2 fields masked]
+0.82ms  audit log · sha256-chained  [block #4,201,884]

# guard.yaml  ·  applies to every upstream call

timeout:
  connect: 500ms
  read:    2s
  total:   5s

retry:
  max_attempts:   3
  backoff:        exponential
  jitter:         "full"
  retry_on:       [502, 503, 504, timeout, conn-reset]
  idempotency:    auto  # GET/HEAD/PUT/DELETE

circuit_breaker:
  window:         60s
  error_threshold: 0.5
  min_volume:     20
  half_open_after: 30s

fallback:
  on_circuit_open:
    strategy: cached-or-static
    ttl:      300s

CAPABILITY 04 · RESILIENCE

Failure modes that fail well.

Every upstream call is wrapped in a configurable safety net. Retry with full jitter. Per-route circuit breakers. Fallback responses when the upstream is genuinely dead. Hard timeout enforcement at the gateway, the transformer, and the upstream client, not just one of them.

  • Idempotency-aware retries: never duplicates a POST you didn't mark safe
  • Hedged requests for latency-sensitive read paths
  • Static, cached, or scripted fallbacks per route
  • Breaker state visible in metrics, audit log, and the console
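
The retry rules from guard.yaml above, worked through as an added JavaScript example (not trAPIoka's own code): exponential backoff with full jitter, gated on whether repeating the request is safe. The base and cap delays, the reading of max_attempts as including the first try, and the use of an Idempotency-Key header as the "marked safe" signal are assumptions.

```javascript
// Values mirror the guard.yaml on this page; baseMs and capMs are assumptions.
const POLICY = {
  maxAttempts: 3, // assumed to count the first try
  retryOn: new Set([502, 503, 504, "timeout", "conn-reset"]),
  idempotentMethods: new Set(["GET", "HEAD", "PUT", "DELETE"]),
  baseMs: 100, // assumed
  capMs: 2000, // assumed
};

// Full jitter: wait a uniform random time in [0, min(cap, base * 2^retryIndex)).
function backoffMs(retryIndex, rand = Math.random, p = POLICY) {
  const ceiling = Math.min(p.capMs, p.baseMs * 2 ** retryIndex);
  return Math.floor(rand() * ceiling);
}

// Retry only when the failure is retryable AND repeating the request is safe.
// Treating an Idempotency-Key header as the "marked safe" signal is an assumption.
function shouldRetry(req, outcome, attemptsMade, p = POLICY) {
  if (attemptsMade >= p.maxAttempts || !p.retryOn.has(outcome)) return false;
  const headers = req.headers || {};
  return p.idempotentMethods.has(req.method.toUpperCase()) || "idempotency-key" in headers;
}

// Replay a scripted list of upstream outcomes (status code or failure name)
// through the policy and return what the caller would have observed.
function simulate(req, outcomes, rand = Math.random, p = POLICY) {
  const delays = [];
  let attemptsMade = 0;
  let outcome;
  for (;;) {
    outcome = outcomes[attemptsMade];
    attemptsMade += 1;
    if (!shouldRetry(req, outcome, attemptsMade, p)) break;
    delays.push(backoffMs(attemptsMade - 1, rand, p));
  }
  return { attempts: attemptsMade, final: outcome, delays };
}
```

Passing a fixed `rand` makes the schedule reproducible; with the default `Math.random` each delay is spread across the whole window, which is what keeps many clients from retrying in lockstep.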

CAPABILITY 05 · OBSERVABILITY

See every byte that changed, and why.

Every request is logged with its full transformation history. Diff the inbound payload against the outbound. Read the route version that handled it. Trace the upstream call by ID. Audit who changed the route last and when.

  • OpenTelemetry traces and metrics: OTLP, Prometheus, Tempo, Jaeger
  • Structured JSON logs with full diff payloads (PII redacted)
  • SLA monitoring with breach detection and consumer notifications
  • Tamper-evident audit log: SHA-256 hash chain, append-only at the DB layer

AUDIT LEDGER · LIVE
blocks 4,201,881 → 4,201,884 · ● chain intact

BLOCK     ROUTE / CALLER                                   MS     STATUS
#201881   payments-modernize · web-checkout                1.04   200
#201882   inventory-sync · mobile-ios-v3                   1.71   200
#201883   network-ops · ssh exec · switch-iad-04           38.4   200
#201884   payments-modernize · web-checkout · 2 redacted   0.84   200

$ tpk verify · ✓ 4 blocks · sha256 chain intact · 0 anomalies

RETENTION: 7y default
EXPORT: S3 · JSONL
VERIFY: tpk verify
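
How a SHA-256 hash chain makes a log tamper-evident, as an added JavaScript example that is not trAPIoka's code and not the format `tpk verify` reads: the entry layout, the GENESIS anchor and the sample entries are constructed for illustration. It also shows why the newest hash has to be recorded outside the log store, since a store rewritten wholesale with recomputed hashes still passes an internal walk.

```javascript
const crypto = require("crypto");

const GENESIS = "0".repeat(64); // constructed anchor for the first entry's prev field
const sha256 = (s) => crypto.createHash("sha256").update(s, "utf8").digest("hex");

// Fixed field order, so the same entry always serialises to the same bytes.
const canonical = (e) => JSON.stringify([e.block, e.route, e.caller, e.status, e.prev]);

// Append an entry whose hash covers its own fields plus the previous entry's hash.
function appendBlock(chain, fields) {
  const prev = chain.length ? chain[chain.length - 1].hash : GENESIS;
  const entry = { ...fields, prev };
  entry.hash = sha256(canonical(entry));
  chain.push(entry);
  return entry;
}

// Walk the chain and report the first entry whose link or content hash is wrong.
// expectedHead is the newest hash as recorded somewhere the log store cannot write.
function verifyChain(chain, expectedHead = null) {
  let prev = GENESIS;
  for (const e of chain) {
    if (e.prev !== prev) return { ok: false, reason: "broken-link", block: e.block };
    if (e.hash !== sha256(canonical(e))) return { ok: false, reason: "content-mismatch", block: e.block };
    prev = e.hash;
  }
  if (expectedHead !== null && prev !== expectedHead) {
    return { ok: false, reason: "head-mismatch", block: null };
  }
  return { ok: true, reason: null, block: null };
}

// Recompute every hash from index i on, modelling a store that was rewritten wholesale.
function rehashFrom(chain, i) {
  for (let k = i; k < chain.length; k++) {
    chain[k].prev = k ? chain[k - 1].hash : GENESIS;
    chain[k].hash = sha256(canonical(chain[k]));
  }
}

// Constructed sample entries (not real ledger data).
function sampleChain() {
  const chain = [];
  appendBlock(chain, { block: 201881, route: "payments-modernize", caller: "web-checkout", status: 200 });
  appendBlock(chain, { block: 201882, route: "inventory-sync", caller: "mobile-ios-v3", status: 200 });
  appendBlock(chain, { block: 201883, route: "network-ops", caller: "ops-console", status: 200 });
  return chain;
}
```

An edited field surfaces as `content-mismatch` at the edited entry; a chain that was edited and then re-hashed verifies internally and is caught only by the `head-mismatch` check against the externally held hash.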

DEPRECATION CONSOLE
payments-api · v1 → v2 · ⚠ sunset in 47 days
migration progress: 71% (124 / 175 consumers)

web-checkout     ✓ migrated 2026-04-02
mobile-ios-v3    ✓ migrated 2026-04-15
partner-a        ⚠ on v1 · 2 reminders sent
internal-batch   ✕ on v1 · last call 14:08:42
partner-b        ⚠ on v1 · 1 reminder sent

next reminder fires in 6 days · final cutoff 2026-07-01 → 410 GONE with migration link

CAPABILITY 06 · VERSIONING & LIFECYCLE

Deprecations that enforce themselves.

Mark a version deprecated. Set the sunset date. trAPIoka inserts a Deprecation header on every response, tracks which consumers are still calling, fires reminders on your schedule, and serves 410 GONE with a migration link at cutoff.

  • Per-consumer migration tracking, by API key, JWT subject, or mTLS cert
  • Reminders by webhook, email, Slack, or PagerDuty
  • Soft cutoff (warning header) or hard cutoff (410 with redirect target)
  • Migration assistants: replay v1 traffic against v2 to find behaviour drift

PLATFORM, EXPANDED

Beyond translation.

What turns a translation engine into a platform you run in production.

Route chains

One inbound request, many backends, one clean result. Validate, transform, fan out, recombine.

GraphQL → 3× gRPC fan-out
REST → SOAP + cache merge
each step individually observable

Canary deployments

Roll a version to a slice of traffic, watch the metrics, widen or roll back. No restart.

5% → 25% → 100% on green metrics
automatic rollback on SLA breach
per-route, per-version

Cloud Connector

Reach systems behind a firewall without opening one. Outbound-only agent, no inbound ports, no VPN.

outbound-only · mTLS · cert-pinned
named routes only, never the network
on-prem DB · mainframe · PLC

OBSERVABILITY · OPENTELEMETRY-NATIVE
Datadog · Honeycomb · Grafana Tempo · Jaeger · Prometheus · OTLP

ALERTING · WHERE YOUR TEAM LIVES
Slack · Microsoft Teams · PagerDuty · ServiceNow · JIRA · Webhook

EVERY FEATURE · EVERY DEPLOYMENT

Same product. Three ways to run it.

The Sidecar binary, the SaaS platform, and the on-prem Helm chart all ship the same capability surface. Routes you write today are portable.