Integration Patterns

Common architectures for using Orovai APIs in production systems.

1. Registration Form Validation

Chain multiple services to validate user sign-ups before creating an account:

Flow
User submits form
  → /v1/email/check        (reject disposable emails)
  → /v1/password/breach-check (reject breached passwords)
  → /v1/phone/validate     (normalize phone number)
  → /v1/ip/geo             (log country for fraud detection)
  → Create account

2. CI/CD Pipeline Integration

Add API checks to your deployment pipeline:

GitHub Actions example
- name: Check SSL certificate
  run: |
    RESULT=$(curl -s -H "X-API-Key: ${{ secrets.OROVAI_KEY }}" \
      https://api.orovai.com/v1/ssl/check \
      -d '{"hostname": "myapp.com"}')
    DAYS=$(echo $RESULT | jq '.data.daysUntilExpiry')
    if [ "$DAYS" -lt 30 ]; then
      echo "::warning::SSL cert expires in $DAYS days"
    fi

3. Batch Processing

For high-volume workloads, use batch endpoints where available. Batch requests count as a single rate-limited call:

Python batch example
import requests

emails = ["user1@gmail.com", "user2@tempmail.org", "user3@company.com"]
response = requests.post(
    "https://api.orovai.com/v1/email/check-batch",
    headers={"X-API-Key": "mpk_your_key"},
    json={"emails": emails}
)
for result in response.json()["data"]["results"]:
    if result["disposable"]:
        print(f"Block: {result['email']}")

4. LLM / Claude Tool Use

Every Orovai service can be used as a tool by Claude, ChatGPT, or any LLM that supports function calling. See the Claude & LLM Integration section on each service page for MCP tool definitions.

Example prompt
User: "Check if the SSL certificate for github.com is valid"

Claude calls: POST /v1/ssl/check {"hostname": "github.com", "port": 443}
Claude reads the response and reports: "The SSL certificate for github.com
is valid, issued by DigiCert, and expires in 284 days."

5. Retry Strategy

When you receive a 429 Too Many Requests response:

  1. Read the Retry-After header (seconds to wait)
  2. Wait that many seconds before retrying
  3. For 500 errors, use exponential backoff: 1s, 2s, 4s, 8s (max 4 retries)
  4. Monitor X-RateLimit-Remaining-Minute headers proactively to avoid hitting limits
Python retry pattern
import time, requests

def call_with_retry(url, payload, api_key, max_retries=4):
    for attempt in range(max_retries):
        r = requests.post(url, json=payload,
            headers={"X-API-Key": api_key, "Content-Type": "application/json"})
        if r.status_code == 200:
            return r.json()
        if r.status_code == 429:
            wait = int(r.headers.get("Retry-After", 10))
            time.sleep(wait)
        elif r.status_code >= 500:
            time.sleep(2 ** attempt)
        else:
            r.raise_for_status()
    raise Exception("Max retries exceeded")

6. Webhook Processing Pipeline

Use the Webhook Inspector to capture, verify, and replay webhooks from providers like Stripe or GitHub. Combine with other services for enrichment:

Flow
Stripe sends webhook → /hooks/stripe (captured by Webhook Inspector)
  → Verify HMAC-SHA256 signature
  → /v1/ip/reputation (check sender IP)
  → /v1/json/validate (validate payload against schema)
  → Forward to your application

Related: ArchitectureRate LimitsError CodesQuick Start