ElevenLabs

Proxies the entire ElevenLabs REST API, injecting the secret xi-api-key header. Unlike the other upstreams, ElevenLabs is a whole API surface, so the gateway mounts a wildcard and forwards the path after /elevenlabs/ verbatim:

GET|POST|PATCH|DELETE /elevenlabs/<api path>   → https://api.elevenlabs.io/<api path>

Because the path passes through unchanged, new ElevenLabs endpoints work without any gateway change. The methods mirror what ElevenLabs documents — GET, POST, PATCH (updates, e.g. /v1/convai/agents/{agent_id}), and DELETE. No documented endpoint uses PUT.

Common paths

What the gateway injects and strips

• The xi-api-key header is injected, overwriting any client-supplied one.
• A client-supplied xi-api-key query param is dropped (in any encoding).
• The Authorization header is stripped before forwarding.

Responses, including binary audio

Responses stream back untouched. Text-to-speech and sound generation return binary audio (audio/mpeg or PCM), and the /stream variants chunk it — the gateway forwards the exact bytes.

$
curl -X POST "$GATEWAY/elevenlabs/v1/text-to-speech/JBFqnCBsd6RMkjVDRZzb" \
>
  -H "Authorization: Bearer $TOKEN" \
>
  -H "Content-Type: application/json" \
>
  -d '{"text": "Hello from the gateway", "model_id": "eleven_multilingual_v2"}' \
>
  --output speech.mp3

WebSocket / realtime use

For realtime use, fetch a short-lived credential through the proxy, then open the socket against ElevenLabs directly:

1. GET /elevenlabs/v1/convai/conversation/get-signed-url (or the realtime speech-to-text single-use-token endpoint) through the gateway.
2. Open the WebSocket against ElevenLabs directly using the credential it returns.

The master key still never reaches the client.

For request and response fields, follow ElevenLabs’ API reference — the gateway does not alter them.