Process encrypted data.
Cages are serverless functions hosted on Evervault for processing the data you encrypt with Relay or our SDKs. You can use Cages to isolate your Node.js code that processes sensitive data from the rest of your stack.
You can write and deploy any serverless function to a Cage. At present, Cages can only be written in Node.js. You can call and run a Cage with any language that can send HTTPS requests.
You can deploy any Node.js code as a Cage to process data in whichever way you need.
- Serverless functions. Cages are serverless functions, so you can deploy any code you would to other serverless function services — like AWS Lambda, Firebase Functions, Azure Functions, Cloudflare Workers etc. The core difference being that you never touch sensitive data in plaintext.
- Machine learning. Deploy your machine learning model as a Cage, send it the data you encrypt with Relay, and get the result.
- Document generation. Encrypt & store identity data (like addresses and social security numbers), generate a document in a Cage, and send to a third-party direct mail API like Lob.
- API authorization. Encrypt your users' credentials for third-party services using Relay, and authorize with those services by running a headless browser in, or calling an API from, a Cage.
Deploy your Cage
You can deploy a Cage by connecting to a GitHub repository (see below) or using the Evervault CLI.
In the Evervault Dashboard:
- Click New Cage
- Select Choose Template
- Authenticate with GitHub if you haven’t already
- Install the Evervault app on GitHub
- Select a template Cage
- Create your Cage
Run your Cage
Automatically run your Cage code by passing the Cage name and the payload into the
evervault.run() function. Or, send an HTTPS POST request with a JSON payload and
API-Key header to
Cages can currently only be called server-side because they require your team's API key for authentication.
Run your application to see the result. Return the result to the client via your server, or forward it to a third party API via an HTTP request. All outbound HTTP requests are logged, and are shown in your team's Dashboard.
The Node.js SDK is pre-initialized in all Cages as the globally-scoped
evervault object. This allows you to encrypt the result, and store it in your database.
Update your Cage
If you do a push to your GitHub repo, Evervault will automatically update your Cage code. If you choose to deploy with the Evervault CLI, use the
ev cage deploy command to update your Cage code.
We know that you will never want slower requests, so we are always reducing the cumulative network and runtime latency of Cages (and all other Evervault services).
When sending data to a third-party API via your Cage, Evervault ensures that the destination API is included in your API whitelist (if provided).