> ## Documentation Index
> Fetch the complete documentation index at: https://docs.goldsky.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security

> Authentication and rate limiting for Edge RPC

Edge RPC provides authentication and rate limiting controls to secure your endpoints.

## Authentication

Each Edge RPC endpoint requires a secret token for authentication. The secret is included in the URL:

```
https://edge.goldsky.com/standard/evm/{chainId}?secret=YOUR_SECRET
```

### Query Parameter

Pass the secret as a URL query parameter:

```bash theme={null}
curl "https://edge.goldsky.com/standard/evm/1?secret=YOUR_SECRET" \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
```

### Header-Based Authentication

Alternatively, pass the secret via the `X-ERPC-Secret-Token` header:

```bash theme={null}
curl "https://edge.goldsky.com/standard/evm/1" \
  -X POST \
  -H "Content-Type: application/json" \
  -H "X-ERPC-Secret-Token: YOUR_SECRET" \
  -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}'
```

## Rate Limiting

Rate limits can be configured per secret in the [Goldsky Dashboard](https://app.goldsky.com). The following options are available:

| Option                                     | Total RPS | Per-IP RPS | Description                               |
| ------------------------------------------ | --------- | ---------- | ----------------------------------------- |
| `None (Unlimited)`                         | Unlimited | Unlimited  | No rate limiting applied                  |
| `edge-tier-6krpm-total-unlimited-per-ip`   | \~100     | Unlimited  | Low volume, no per-IP restrictions        |
| `edge-tier-60krpm-total-unlimited-per-ip`  | \~1,000   | Unlimited  | Medium volume, no per-IP restrictions     |
| `edge-tier-180krpm-total-unlimited-per-ip` | \~3,000   | Unlimited  | High volume, no per-IP restrictions       |
| `edge-tier-360krpm-total-unlimited-per-ip` | \~6,000   | Unlimited  | Very high volume, no per-IP restrictions  |
| `edge-tier-600krpm-total-unlimited-per-ip` | \~10,000  | Unlimited  | Enterprise volume, no per-IP restrictions |
| `edge-tier-6krpm-total-500rpm-per-ip`      | \~100     | \~8        | Low volume with per-IP protection         |
| `edge-tier-60krpm-total-500rpm-per-ip`     | \~1,000   | \~8        | Medium volume with per-IP protection      |
| `edge-tier-180krpm-total-500rpm-per-ip`    | \~3,000   | \~8        | High volume with per-IP protection        |
| `edge-tier-360krpm-total-500rpm-per-ip`    | \~6,000   | \~8        | Very high volume with per-IP protection   |
| `edge-tier-600krpm-total-500rpm-per-ip`    | \~10,000  | \~8        | Enterprise volume with per-IP protection  |
| `edge-tier-unlimited-total-100rpm-per-ip`  | Unlimited | \~1.7      | Strict per-IP limiting only               |
| `edge-tier-unlimited-total-500rpm-per-ip`  | Unlimited | \~8        | Moderate per-IP limiting only             |

* **Total RPS**: Maximum requests per second across all IPs using this secret
* **Per-IP RPS**: Maximum requests per second from a single IP address