How Guardian measures
Guardian is an independent status directory for developer APIs and remote MCP servers: live status, measured uptime history, incident timelines and change detection, on one page per provider.
Independent probes
Guardian sends its own keyless probes from Cloudflare's edge: HTTPS GET requests to REST endpoints nominally every 5 minutes, and a JSON-RPC tools/list handshake to MCP servers nominally every 15 minutes. When a vendor rate-limits Guardian, probing automatically backs off to 4x the interval until a probe succeeds. Every probe declares itself: Guardian/1.0 (API Monitor; +https://guardiandev.ai/docs/monitoring) for REST, Guardian/1.0 (MCP Monitor; +https://guardiandev.ai/docs/monitoring) for MCP servers. No credentials are ever sent, and nothing a vendor publishes can alter what Guardian measured.
Auth-walled endpoints
Many production APIs correctly refuse keyless requests. Where the expected refusal is known (for example HTTP 401 from an API that requires a key), a matching reply counts as a confirmed-up measurement and shows green: Reachable, auth required. Where Guardian cannot verify health without credentials, the state stays muted and honest: Auth-walled, unverified. The two are never merged.
Two lanes, never mixed
Pages show two clearly labeled lanes. Guardian-measured is what our probes observed. Vendor-reported is what the provider's own status feed says about its components. Vendor data is displayed for context and never feeds Guardian's uptime math. A vendor-declared whole-provider incident can escalate a directory headline; the reverse never happens: a vendor all-clear never overrides a measured problem.
Uptime and incidents
Uptime accrues from per-day aggregates for up to 90 days per service, starting the day monitoring begins; history is never backfilled or fabricated. Incident timelines pair observed transitions into open and resolved episodes, and anything currently degraded or down always appears as an ongoing item, even when its start predates recorded history.
Use the data
Every entry page has an Integrate section with a status badge you can embed, versioned JSON, and an Atom feed for your reader. Provider pages have a provider-level feed. All of it is public, CORS-enabled and keyless.
Missing an API? Run a one-off check: endpoints that several people request over a few days are reviewed and added to the directory.