> For the complete documentation index, see [llms.txt](https://docs.propchain.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.propchain.com/propchain-technology-infrastructure-centralized-operational-leg/core-functionalities/api-layer-and-hosting-strategy.md).

# API Layer & Hosting Strategy

Our API infrastructure is built to support secure, scalable external integrations while promoting efficiency, collaboration, and future-proof growth.  <br>

**API Architecture and Protocols**&#x20;

We utilize RESTful APIs exclusively, designed around standard HTTP methods with JSON as the primary data exchange format. This ensures wide compatibility, simplicity, and ease of integration for external partners and internal consumers. <br>

**Authentication and Authorization**&#x20;

We implement strict access control mechanisms to secure all endpoints:&#x20;

* OAuth 2.0 - Employed for external partner authentication (Google), supporting delegated authorization.&#x20;
* JWT (JSON Web Tokens) - Used for stateless authentication across client applications, securely carrying identity and access claims.&#x20;
* 2FA Integration - Two-Factor Authentication is required for all sensitive actions, enhancing security beyond password-based logins.&#x20;
* API Keys (Internal Use Only) - Admin-level internal API calls are secured with scoped API keys, never exposed to external systems. <br>

**API Security and Management**&#x20;

To maintain reliability and prevent misuse, we enforce key security and usage practices:&#x20;

* HTTPS Only - All endpoints are TLS-secured to protect data in transit.&#x20;
* Rate Limiting & Throttling - Request quotas are enforced to mitigate abuse and ensure system stability.&#x20;
* Input Validation & Sanitization - Every input payload is rigorously checked to prevent injection and malformed data attacks. <br>

**Documentation & Developer Experience**&#x20;

We prioritize clarity and a smooth onboarding process for integrators:&#x20;

* OpenAPI / Swagger Specifications - All APIs are fully documented using the OpenAPI standard, providing up-to-date reference material, code samples, and compatibility with tools like Swagger UI and Postman.&#x20;
* Postman Collections - Ready-to-use request sets for testing and onboarding new/external developers.&#x20;

&#x20;

**Multi-Region Hosting Strategy**&#x20;

* Primary Region – UAE North (Dubai). Microsoft Azure region with three availability zones, offering in-country data residency for VARA/DFSA-regulated activities and Near-Zero-Latency service to Gulf investors. &#x20;
* Secondary Region – West Europe (Netherlands). Azure’s Amsterdam-Schiphol campus delivers GDPR-aligned processing for EEA clients and acts as the paired site for cross-region resilience. &#x20;
* Topology. Active-active for low-latency trading functions; active-passive for analytics workloads. Azure Front Door directs users to the nearest healthy region, with automatic failover in < 60 s.&#x20;


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.propchain.com/propchain-technology-infrastructure-centralized-operational-leg/core-functionalities/api-layer-and-hosting-strategy.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.