# a hardened REST gateway in front of CS4.TelegramCore.Data
Every /Message/* request is a POST whose body carries an
apiKey field. It is checked against user_info.api_key — a bad or missing
key returns 401, and repeated failures from one IP are temporarily blocked (403).
The outbound message API (ported from CS4.TelegramCore.Apx, same
routes). Every /Message/* call is a POST whose body carries an apiKey
(validated by the global filter). The inbound Telegram webhook is authenticated by its per-bot URL,
not a key.
/health (no key)/Message/SendMessage/Message/SendImage/Message/SendDocument/Message/SendQuery/Message/SendInvitation/Message/Notify/WebHook/{bot} (no key; Telegram callback)user_info table, not in appsettings.json.logs/requests-yyyyMMdd.jsonl; apiKey/password fields are always redacted.