# Aperture

## Tailscale Aperture Integration

Highflame integrates with [Tailscale Aperture](https://tailscale.com/docs/features/aperture) to provide security evaluation of AI agent traffic at the network layer.

When LLM requests flow through Aperture, Aperture captures requests/responses, extracts tool calls, prompts, and forwards event data to Highflame via webhook hooks. Highflame receives the event at `POST /v1/agent/events`, with the Highflame API key in the `Authorization` header, normalizes the payload into individual evaluations (user prompt + each tool call), and evaluates them via our extensive guardrail system.

### What Highflame evaluates

A single Aperture event can produce multiple evaluations:

* User prompt (action: `process_prompt`, content type: `prompt`)
* Each tool call (action: `call_tool`, content type: `tool_call`)

Each evaluation runs through our detection engines and is logged with the decision/policy context in your Highflame dashboard.

### Endpoint

Use:

```
POST https://api.highflame.ai/v1/agent/events
```

Authentication:

```
Authorization: Bearer hf_sk-...
```

The endpoint acknowledges immediately (fire-and-forget). Evaluation happens asynchronously, so you should verify results in the Highflame dashboard rather than relying on the webhook response body.

***

### Next

* [Setup Guide](https://docs.highflame.ai/documentation/integrations/aperture/setup-guide)
* [Troubleshooting](https://docs.highflame.ai/documentation/integrations/aperture/troubleshooting)