Guides
API ReferenceUser docs

Geoblocking

Suggest Edits

Introduction

GeoBlocking can be enforced for specific products like Kiln DeFi, Kiln Onchain & Kiln Widget to enable our partner's when regional behaviors need to be implemented for legal and compliance reasons.

  • eg. preventing sanctioned countries to access a specific earn features within your application

To determine the user’s geographic location, Kiln requires the end-user IP to be passed in the HTTP header under X-Forwarded-For.

Based on the restricted product, the relative API route will be restricted and returning :

  • Error Code **451** Unavailable For Legal Reasons
{
  "message": "Access to this product is restricted in your country."
}

In your application you will need to implement a specific logic when this error code is received, for example inform the user that this product access is restricted in his region.


πŸ”› Geoblocking activation

You need to share your geoblocking preference (products and countries) with Kiln's team for it to be activated on your organization, if you want this feature to be accessible in self service please raise it to our team.

Once activated routes relative to a specific product will be blocking the selected regions.

ProductAPI Routes impacted when IP passed in X-Forwarded-For
Kiln Dedicated Stakinghttps://api.kiln.fi/v1//onchain/v1/*\&& https://api.kiln.fi/v1/eth//\*\
Kiln Poolinghttps://api.kiln.fi/v1//onchain/v2/*\
Kiln DeFihttps://api.kiln.fi/v1/defi/*\
Kiln Widgethttps://api.kiln.fi/v1/widget/*\

πŸ§‘β€πŸ’» Integration Guidelines for Partners

All partners integrating with Kiln DeFi APIs must ensure that :

  1. The end-user’s IP is passed in the X-Forwarded-For header.
    1. Note: Partners using a proxy should inject the correct X-Forwarded-For header into each request.
  2. Responses with a 451 status code are handled gracefully in the frontend or application logic.

Example behavior:

βœ… For allowed regions:

  • Full functionality and data visibility.

❌ For restricted regions:

  • If metadata cannot be retrieved (eg from network-stats), the related product should be excluded from any listing.
  • If a user interacts with a blocked product:
    • Show a popup or inline message explaining the restriction.
    • Disable all transactional or interactive actions (e.g., Deposit).

πŸ§ͺ Testing the GeoBlocking Logic

πŸ‘

Make sure you asked the Kiln's team to enable geoblocking region for your organization.

You can simulate a geoblocked IP by passing a test IP in your the X-Forwarded-For header on a product that you requested geoblocking, in this case Kiln DeFi. 

curl https://api.testnet.kiln.fi/v1/defi/stakes?wallets=0x7b4292494807BfC7387E7e0EcC65788Ed650F043&vaults=bsc_0x6E90B52A5eAb4e4a08135dcf8c93ABdf6caE9C91 \
  --verbose \
  --header 'X-Forwarded-For: 170.171.1.255' \
  --header 'Authorization: Bearer YOUR_API_KEY'

Expected Response: Error Code 451

{
  "message": "Access to this product is restricted in your country."
}

πŸ“˜

Please don't hesitate to raise any integration questions to Kiln's team

Updated 4 days ago