by motiful
AI API identity gateway — reverse proxy that normalizes device fingerprints and telemetry for privacy-preserving API proxying
# Add to your Claude Code skills
git clone https://github.com/motiful/cc-gatewayGuides for using api integration skills like cc-gateway.
Last scanned: 4/23/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-04-23T06:06:01.981Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}[![License: MIT][license-shield]][license-url] [![Version][version-shield]][version-url] [![Tests][tests-shield]][tests-url] [![Follow @whiletrue0x][twitter-shield]][twitter-url]
Alpha — This project is under active development. Test with a non-primary account first.
Disclaimer — See full disclaimer below.
Claude Code collects 640+ telemetry event types across 3 parallel channels, fingerprints your machine with 40+ environment dimensions, and phones home every 5 seconds. Your device ID, email, OS version, installed runtimes, shell type, CPU architecture, and physical RAM are all reported to the vendor — continuously.
If you run Claude Code on multiple machines, each device gets a unique permanent identifier. There is no built-in way to manage how your identity is presented to the API.
CC Gateway is a reverse proxy that sits between Claude Code and the Anthropic API. It normalizes device identity, environment fingerprints, and process metrics to a single canonical profile — giving you control over what telemetry leaves your network.
user_id JSON blob in every API request are normalized to one canonical identityenv object is swapped, not patched<env> block injected into every prompt (Platform, Shell, OS Version, working directory) is rewritten to match the canonical profileNo comments yet. Be the first to share your thoughts!
Top skills in this category by stars
Based on votes and bookmarks from developers who liked this skill
x-anthropic-billing-header (which contains a per-session fingerprint hash) is removed entirely, consistent with the official CLAUDE_CODE_ATTRIBUTION_HEADER=false toggle. This also enables cross-session prompt cache sharing, reducing system prompt costs by ~85%constrainedMemory), heap size, and RSS are masked to canonical values so hardware differences don't leak~/.zshrc changes, no config filesplatform.claude.comHTTPS_PROXY / HTTP_PROXY env vars for outbound connections (Clash, V2Ray, etc.)baseUrl and gateway fields that would reveal proxy usage in analytics eventsOne command. Requires Node.js 22+ and an existing Claude Code login on this machine.
git clone https://github.com/motiful/cc-gateway.git
cd cc-gateway
npm install
bash scripts/quick-setup.sh
This will:
config.yaml./clients/cc-<hostname>http://localhost:8443In another terminal:
./clients/cc-<hostname>
That's it. Claude Code launches, traffic routes through the gateway. No env vars to set, no files to edit.
HTTPS_PROXY=http://127.0.0.1:7890 bash scripts/quick-setup.sh
The gateway will route all outbound traffic (API calls + token refresh) through your proxy.
Each person gets their own launcher script with a unique token. The admin generates it:
bash scripts/add-client.sh alice
bash scripts/add-client.sh bob
This creates ./clients/cc-alice and ./clients/cc-bob. Send each file to the respective person.
chmod +x cc-alice
./cc-alice install # installs as 'ccg' command
ccg # start Claude Code through gateway
That's it. All Claude arguments work: ccg --print "hello", ccg --resume, etc.
claude go through gateway tooccg hijack # alias claude → ccg (new terminals auto-apply)
claude # now goes through gateway
ccg release # undo — restore native claude
ccg Start Claude Code through gateway
ccg install Install as 'ccg' system command
ccg uninstall Remove 'ccg' and clean up
ccg hijack Make 'claude' also go through gateway
ccg release Restore 'claude' to native
ccg native [args] Run native claude once (bypass gateway)
ccg status Show gateway connection and hijack status
ccg help Show help
ccg and claude coexist by default. Hijack is opt-in and reversible. Supports zsh, bash, and fish.
| Layer | Field | Action |
|-------|-------|--------|
| Identity | device_id in metadata + events | → canonical ID |
| | email | → canonical email |
| Environment | env object (40+ fields) | → entire object replaced |
| Process | constrainedMemory (physical RAM) | → canonical value |
| | rss, heapTotal, heapUsed | → randomized in realistic range |
| Headers | User-Agent | → canonical CC version |
| | x-api-key | → real OAuth token (injected by gateway) |
| | x-anthropic-billing-header | → stripped |
| Prompt text | Platform, Shell, OS Version | → canonical values |
| | Working directory | → canonical path |
| | /Users/xxx/, /home/xxx/ | → canonical home prefix |
| Billing | x-anthropic-billing-header system block | → stripped entirely |
| Leak fields | baseUrl (ANTHROPIC_BASE_URL) | → stripped |
| | gateway (provider detection) | → stripped |
npm run dev # tsx watch, auto-reload
bash scripts/admin-setup.sh
This interactive script:
After setup, add more clients with:
bash scripts/add-client.sh <name>
# Restart to pick up new tokens:
docker compose restart
Mac-A ──┐
Mac-B ──┼──→ gateway-server:8443 ──→ api.anthropic.com
Mac-C ──┘
Important: All machines — including the admin — should use the gateway. Direct connections from the admin machine would create a second device fingerprint visible to Anthropic.
For remote deployment, generate TLS certificates:
mkdir certs
openssl req -x509 -newkey rsa:2048 \
-keyout certs/key.pem -out certs/cert.pem \
-days 365 -nodes -subj "/CN=cc-gateway"
Uncomment the tls section in config.yaml, then generate client launchers pointing to the server address:
bash scripts/add-client.sh alice "" <gateway-ip>:8443 https
If all devices have Tailscale installed, run the gateway on any machine in the mesh. No TLS needed (Tailscale encrypts the tunnel), no public IP needed, no port forwarding.
Client machines CC Gateway Anthropic
┌────────────┐ ┌──────────────────┐
│ ./cc-alice │── ANTHROPIC_ ────│ Auth: x-api-key │
│ (launcher) │ BASE_URL │ OAuth: auto- │
│ + env vars │ │ refresh │──── single ────▶ api.anthropic.com
│ │ │ Rewrite: all │ identity
│ │ │ identity │
└────────────┘ │ Strip: billing │
│ header │
│ Stream: SSE │
│ passthrough │
└──────────────────┘
│
platform.claude.com
(token refresh only,
from gateway IP)
Defense in depth:
| Layer | Mechanism | What it prevents |
|-------|-----------|-----------------|
| Launcher env vars | ANTHROPIC_BASE_URL + DISABLE_NONESSENTIAL + ATTRIBUTION_HEADER=false | CC voluntarily routes to gateway, disables side channels, skips billing hash |
| Clash (optional) | Domain-based REJECT rules | Any accidental or future direct connections to Anthropic |
| Gateway | Body + header + prompt rewriting | All 40+ fingerprint dimensions normalized to one device |
The gateway manages the full OAuth token lifecycle:
platform.claude.com.