Install Keryx on your website and deliver an incredible user experience. Ask Siri: "What is my current balance?" or "How many unread news items do I have?" — and Keryx will instantly reply with data from your website via an absolutely secure protocol.
Keryx unifies two modules — Next-Gen for LLM integration and Legacy for Apple Siri Shortcuts — into a single, modular system with a shared tool registry.
Model Context Protocol endpoint for direct communication with Claude, ChatGPT and other LLMs. Streamable HTTP transport in stateless mode — ideal for load balancing.
Automatically generated OpenAPI schema from Zod definitions. LLM agents read it to discover available functions and how to communicate with your platform.
Generate Apple .shortcut files from URL and token. iOS users download the shortcut which executes an HTTP request with an Authorization header in one tap.
Timing-safe authentication, CORS policy, rate limiting (100 req/min), input validation with Zod schema, and ScPL injection protection.
Multi-stage Dockerfile, non-root user, healthcheck endpoint. Runs with a single command: docker-compose up. Optimized for WSL2 and Proxmox.
Every registered tool automatically gets a REST endpoint at /api/tools/<name>. Standard JSON request/response with validation and detailed errors.
The heart of Keryx is the shared tool registry. Each tool is defined ONCE as a Zod schema + handler, and all three API surfaces are generated automatically from it.
src/core/registry.ts — central storage. Each tool has a name, Zod input schema, description, and handler function. Modules register tools on initialization.GET /openapi.json), MCP tool list (POST /mcp), and REST routes (POST /api/tools/*).| Method | Path | Auth | Description |
|---|---|---|---|
| GET | /healthz | Public | Health check for Docker / load balancer |
| GET | /openapi.json | Public | OpenAPI 3.1 schema for Claude / ChatGPT |
| POST | /mcp | Token | MCP Streamable HTTP (stateless) |
| POST | /api/tools/gateway_status | Token | Gateway status and tool list |
| POST | /api/tools/echo | Token | Echo message (connection test) |
| POST | /api/tools/create_shortcut | Token | Generate Apple Siri shortcut |
| GET | /api/shortcuts/:id | Public | Download .shortcut file (capability URL) |
How does this actually look to your users? If you are not a developer, here is how the whole process goes — smoothly and without installing special apps.
The user is logged into your web app. You place a simple "Add to my iPhone" button. When clicked, your app silently sends an instruction and the user's token to Keryx.
In a fraction of a second, Keryx packages those instructions and generates a native Apple shortcut file (.shortcut). Keryx then returns a secure download link for that file to your site.
The user's phone automatically downloads the file. The built-in Shortcuts app opens on the iPhone. The user simply confirms with "Add Shortcut" and that's it.
Who want to expose their platform functionality to AI agents without writing an MCP server from scratch. Register a tool — and Claude uses it instantly.
Self-hosted: data never leaves your infrastructure. Ideal for internal APIs that need to be accessible to voice assistants and LLMs.
Generate Siri shortcuts that call your API with a single tap. The bearer token is embedded in the shortcut — no need to type any credentials.
50MB Docker container, built-in healthcheck, runs on Proxmox/WSL2. Run it on your NAS or mini server and connect it with AI tools.
Built on blazing-fast technology, Keryx allows us to offer premium service at minimal costs. Start for free and pay only when your business grows.
Perfect for startups and small businesses to test the integration.
For growing businesses that need unlimited access and analytics.
For high-volume e-commerce sites with hundreds of thousands of visits.
We play the transparency and security card. Because the system handles your API tokens, our code is always 100% public on GitHub so you can be completely certain there are no hidden actions. We don't sell secret code — we sell "Keryx as a Service" to those who want a worry-free, fully managed solution that runs 24/7.
/mcp and gets a tool list or executes an operation.
/api/tools/create_shortcut. Keryx generates an Apple .shortcut file (binary property list) containing the embedded HTTP request. You get a download link — the iOS user opens it, adds the shortcut, and with a single tap (or voice command) calls your API.
.shortcut file — this is by design, because the shortcut must work autonomously. We recommend using tokens with limited permissions and a short lifespan. The download link expires after 10 minutes and contains an unguessable 128-bit ID.
src/modules/, define a Zod schema for input, write a handler function, and call registry.register(myTool). Keryx automatically generates an OpenAPI schema, MCP tool and REST route. You don't need to touch the core code — see src/modules/nextgen/tools.ts as an example.
KERYX_SHORTCUT_STORE_MAX).
cp .env.example .env, set KERYX_API_TOKEN and PUBLIC_BASE_URL, then run docker-compose up -d. The container uses Node.js 20 Alpine, runs as a non-root user, with a built-in healthcheck.
"type": "module"). TypeScript 5.7+ in strict mode. For development, tsx (watch mode) is used, and for production it compiles to JavaScript with npm run build.
KERYX_SHORTCUT_TTL_MS (default 10 minutes). After that, GET /api/shortcuts/:id returns 404 with the message "Shortcut not found or expired." The user can request a new shortcut. This prevents files from accumulating in memory.
KERYX_API_TOKEN empty in .env, authentication is disabled. In production, be sure to set a token — all protected endpoints require an Authorization: Bearer <token> header.
src/modules/nextgen/tools.ts, run npm run typecheck to check types, and open a Pull Request. Check TODO.md for planned features.
.shortcut files that work exclusively on iOS, iPadOS, and macOS devices.