Overview • Preview • Features • Quick Start • Configuration • Usage • Thinking Mode • Outbound Proxy • Safety
Kiro Proxy is a small Go service that turns one or more authorized Kiro accounts into a local API endpoint that speaks the OpenAI and Anthropic wire formats:
- Pools multiple Kiro accounts and load-balances requests with round-robin.
- Translates Anthropic
/v1/messages, OpenAI/v1/chat/completions, and OpenAI/v1/responsescalls to and from Kiro upstream. - Refreshes access tokens automatically and streams Server-Sent Events end-to-end.
- Ships with a polished web admin panel for account management, observability, and request audit.
Important
Single-binary local proxy. Not a hosted service, not affiliated with Amazon, AWS, or Kiro. You must own or be authorized to use every account you add to the pool.
If this project helps you, a Star would mean a lot.
Login — minimal, theme-aware sign-in |
Live Monitor — RPM, error rate, traffic heatmap |
Account Pool — multi-account, round-robin, auto-refresh |
Request Log — paginated search, filters, full audit |
API Playground — test endpoints inside the panel |
Backups — snapshots, schedules, one-click restore |
Outbound Proxy — SOCKS5 / HTTP, hot-swap without restart |
Settings — thinking mode, theme, i18n, admin |
- Anthropic
/v1/messageswith native tool use and streaming. - OpenAI
/v1/chat/completionswith full tool-call shape parity. - OpenAI
/v1/responseswithprevious_response_idchaining and stored response retrieval. - SSE streaming for every endpoint, with mid-stream account failover on transient upstream errors.
- Request body decompression (gzip/deflate) for clients that pre-compress payloads.
- Multiple Kiro accounts with round-robin selection per model.
- Automatic OAuth token refresh ahead of expiry.
- Auth methods: AWS Builder ID, IAM Identity Center (Enterprise SSO), SSO Token, local cache, credentials JSON.
- Per-account import / export and bulk operations.
- Live observability: RPM, error rate, model mix, traffic heatmap.
- Request log with paginated search, status filter, and SQLite-backed history.
- In-panel API playground for testing endpoints without leaving the UI.
- Snapshots and scheduled backups with one-click restore.
- Theme-aware UI (light / dark / system) with cache-friendly headers.
- i18n: English and 简体中文 ship in-tree.
- Outbound proxy support — SOCKS5 or HTTP, switched live without restart.
- Configurable thinking-mode suffix and Anthropic
thinkingconfig passthrough.
- Single-file SQLite (
modernc.org/sqlite) database atkiro.db, using DELETE journal mode. - 30-day retention on stored responses, asynchronous writes off the request hot path.
| Component | Version |
|---|---|
| Go | 1.25 + |
| OS | Linux / macOS |
| Container | Docker 24+ optional |
| Storage | Local volume on disk |
git clone https://github.com/tanu360/kiro-reverse-api.git
cd kiro-reverse-api
docker-compose up -ddocker run -d \
--name kiro-proxy \
-p 8080:8080 \
-e ADMIN_PASSWORD=your_secure_password \
-v /path/to/kiro-proxy-state:/app/state \
--restart unless-stopped \
ghcr.io/tanu360/kiro-reverse-api:latestgit clone https://github.com/tanu360/kiro-reverse-api.git
cd kiro-reverse-api
go build -o kiro-proxy .
./kiro-proxyTip
kiro.db is auto-created on first launch. Set DATA_DIR to store it somewhere else; Docker uses /app/state. The default admin password is changeme — override it via ADMIN_PASSWORD or change it from the admin panel before exposing the service.
| Variable | Purpose | Default |
|---|---|---|
DATA_DIR |
Directory for kiro.db |
. |
ADMIN_PASSWORD |
Admin panel password (overrides config) | — |
Warning
kiro.db holds OAuth tokens and admin credentials. Treat it as secret — keep it out of git, screenshots, and chat threads. Mount the database directory as a private volume.
Open http://localhost:8080/admin, log in, add accounts, then call the API:
# Anthropic — Claude
curl http://localhost:8080/v1/messages \
-H "Content-Type: application/json" \
-H "anthropic-version: 2023-06-01" \
-d '{"model":"claude-sonnet-4.5","max_tokens":1024,"messages":[{"role":"user","content":"Hello!"}]}'
# OpenAI — Chat Completions
curl http://localhost:8080/v1/chat/completions \
-H "Content-Type: application/json" \
-H "Authorization: Bearer any" \
-d '{"model":"gpt-4o","messages":[{"role":"user","content":"Hello!"}]}'
# OpenAI — Responses
curl http://localhost:8080/v1/responses \
-H "Content-Type: application/json" \
-H "Authorization: Bearer any" \
-d '{"model":"gpt-4o","input":"Hello!"}'| Method | Path | What it does |
|---|---|---|
POST |
/v1/messages |
Anthropic-format Claude completions |
POST |
/v1/chat/completions |
OpenAI-format chat completions |
POST |
/v1/responses |
OpenAI Responses API (stored + chained) |
GET |
/v1/responses/{id} |
Retrieve a previously stored response |
DELETE |
/v1/responses/{id} |
Delete a stored response |
GET |
/v1/models |
List available models |
GET |
/v1/stats |
Aggregate proxy usage statistics |
GET |
/admin |
Web admin panel |
Append a suffix (default -thinking) to the model name to enable reasoning, e.g. claude-sonnet-4.5-thinking.
Claude-compatible requests that include a top-level thinking config also enable the mode automatically:
{ "type": "enabled", "budget_tokens": 2048 }
{ "type": "adaptive" }Output format is configured in Settings → Thinking Mode in the admin panel.
For users in restricted network regions, configure an outbound proxy in the admin panel under Settings → Outbound Proxy Settings.
| Type | Example |
|---|---|
| SOCKS5 | socks5://127.0.0.1:1080 |
| HTTP | http://127.0.0.1:8888 |
Tip
The setting takes effect immediately, no restart required.
| Variable | Description | Default |
|---|---|---|
DATA_DIR |
Directory for kiro.db |
. |
ADMIN_PASSWORD |
Admin panel password (overrides config) | — |
+ kiro.db # local state — config, credentials, SQLite history, backup blobsCaution
Treat kiro.db as sensitive — it stores account tokens and admin credentials in plain text on disk.
This project is a continuation of Quorinex/Kiro-Go. Due credit for the original work belongs to the original author; I am continuing and maintaining it forward.
- ✅ Use only with accounts you are authorized to operate.
- ❌ Do not use for bulk account scraping or terms-of-service evasion.
- ❌ Do not add CAPTCHA bypass, identity spoofing, or rate-limit evasion.
- 🔐 Keep
kiro.dbout of git, public backups, and screenshots. - 🧯 If upstream returns persistent auth errors, the proxy fails fast — investigate before retrying.
Important
For educational and research purposes only. Not affiliated with Amazon, AWS, or Kiro. Users are responsible for complying with applicable terms of service and laws. Use at your own risk.