All API endpoints require authentication via the auth-token header unless otherwise noted.
Base URL: https://your-proxy-host.com/api
POST /api/auth/login
Authenticate a user and receive an auth token.
curl -H "Content-Type: application/json" \
-X POST \
-d '{"username": "myuser", "password": "mypassword"}' \
https://proxy-host.com/api/auth/loginResponses:
200{"login": true, "token": "027d3964-7d81-4462-a6f9-2c1f9b40b4be", "message": "myuser logged in!"}401{"name": "LoginFailed", "message": "Invalid Credentials, login failed."}
ALL /api/auth/logout
Invalidate the current auth token.
curl -H "auth-token: your-token-here" \
-X POST \
https://proxy-host.com/api/auth/logoutResponses:
200{"message": "Bye"}
All user endpoints require authentication.
GET /api/user
Get list of all users.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/userQuery Parameters:
detail- Include full user details (optional)
Responses:
200{"results": ["user1", "user2"]}200{"results": [{"username": "user1", ...}, ...]}(with?detail=true)
GET /api/user/me
Get information about the currently authenticated user.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/user/meResponses:
200{"username": "myuser"}
POST /api/user
Create a new user.
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X POST \
-d '{"username": "newuser", "password": "newpassword"}' \
https://proxy-host.com/api/userResponses:
200User created successfully409Username already exists422{"name": "ObjectValidateError", "message": ...}Validation error
DELETE /api/user/:username
Delete a user account.
curl -H "auth-token: your-token-here" \
-X DELETE \
https://proxy-host.com/api/user/olduserResponses:
200{"username": "olduser", "results": ...}404User not found
PUT /api/user/password
Change the password for the currently authenticated user.
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X PUT \
-d '{"password": "newpassword"}' \
https://proxy-host.com/api/user/passwordResponses:
200{"results": ...}Password changed successfully
PUT /api/user/password/:username
Change the password for another user (admin function).
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X PUT \
-d '{"password": "newpassword"}' \
https://proxy-host.com/api/user/password/otheruserResponses:
200{"results": ...}Password changed successfully404User not found
POST /api/user/invite
Create an invitation token for new user registration.
curl -H "auth-token: your-token-here" \
-X POST \
https://proxy-host.com/api/user/inviteResponses:
200{"token": "5caf94d2-2c91-4010-8df7-968d10802b9d"}
POST /api/user/key
Add an SSH public key to the current user's account.
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X POST \
-d '{"key": "ssh-rsa AAAAB3..."}' \
https://proxy-host.com/api/user/keyResponses:
200{"message": true}Key added successfully400{"message": "Bad SSH key"}Invalid key format
Manage proxy host configurations.
GET /api/host
Get list of all configured hosts.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/hostQuery Parameters:
detail- Include full host details (optional)
Responses:
200{"results": ["example.com", "*.wildcard.com"]}200{"results": [{"host": "example.com", "ip": "192.168.1.10", ...}, ...]}(with?detail=true)
GET /api/host/:host
Get configuration for a specific host.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/host/example.comResponses:
200{"item": "example.com", "results": {"host": "example.com", "ip": "192.168.1.10", "targetPort": 8080, ...}}404{"name": "HostNotFound", "message": "Host does not exists"}
GET /api/host/lookup/:domain
Test the host lookup algorithm (supports wildcard matching).
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/host/lookup/sub.example.comResponses:
200{"string": "sub.example.com", "results": {"host": "*.example.com", ...}}200{"string": "sub.example.com", "results": null}(no match)
GET /api/host/lookupobj
Get the internal lookup tree structure (for debugging).
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/host/lookupobjResponses:
200{"results": {"com": {"example": {...}}}}
POST /api/host
Add a new host configuration.
Parameters:
host(required) - Domain name (e.g.,example.com,*.example.com)ip(required) - Target IP address or FQDNtargetPort(required) - Target port number (1-65535)forcessl(optional) - Force HTTPS redirect (default: true)targetssl(optional) - Use HTTPS to backend (default: false)challengeType(optional) - For wildcards:DNS-01-wildcardorwildcardChild
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X POST \
-d '{"host": "example.com", "ip": "192.168.1.10", "targetPort": 8080, "forcessl": true, "targetssl": false}' \
https://proxy-host.com/api/hostResponses:
200{"message": "\"example.com\" added.", "host": "example.com", ...}409{"name": "HostNameUsed", "message": "Host already exists"}422{"name": "ObjectValidateError", "message": ...}Validation error
PUT /api/host/:host
Update an existing host configuration.
Parameters: Same as Create Host (all optional)
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X PUT \
-d '{"ip": "192.168.1.20", "targetPort": 9000}' \
https://proxy-host.com/api/host/example.comResponses:
200{"message": "\"example.com\" updated.", ...}404{"name": "HostNotFound", "message": "Host does not exists"}422Validation error
DELETE /api/host/:host
Remove a host configuration.
curl -H "auth-token: your-token-here" \
-X DELETE \
https://proxy-host.com/api/host/example.comResponses:
200{"message": "example.com deleted", ...}404{"name": "HostNotFound", "message": "Host does not exists"}
PUT /api/host/:host/renew
Manually trigger wildcard certificate renewal.
curl -H "auth-token: your-token-here" \
-X PUT \
https://proxy-host.com/api/host/*.example.com/renewResponses:
200{"message": "Requesting wildcard cert for *.example.com"}404Host not found
Manage DNS provider integrations for wildcard SSL certificates.
GET /api/dns
Get list of configured DNS providers.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/dnsQuery Parameters:
detail- Include full provider details (optional)
Responses:
200{"results": ["provider-id-1", "provider-id-2"]}
OPTIONS /api/dns
Get list of supported DNS provider types and their configuration requirements.
curl -H "auth-token: your-token-here" \
-X OPTIONS \
https://proxy-host.com/api/dnsResponses:
200{"results": [{"name": "CloudFlare", "fields": {...}}, {"name": "DigitalOcean", ...}, ...]}
POST /api/dns
Configure a new DNS provider.
CloudFlare:
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X POST \
-d '{"name": "My CloudFlare", "dnsProvider": "Cloudflare", "token": "your-api-token"}' \
https://proxy-host.com/api/dnsDigitalOcean:
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X POST \
-d '{"name": "My DO", "dnsProvider": "DigitalOcean", "token": "your-api-token"}' \
https://proxy-host.com/api/dnsPorkBun:
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X POST \
-d '{"name": "My PorkBun", "dnsProvider": "PorkBun", "apiKey": "pk_xxx", "secretApiKey": "sk_xxx"}' \
https://proxy-host.com/api/dnsResponses:
200{"message": "\"provider-id\" added.", ...}422Validation error or invalid API credentials
GET /api/dns/:id
Get a specific DNS provider configuration.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/dns/provider-idResponses:
200{"item": "provider-id", "results": {...}}404Provider not found
PUT /api/dns/:id
Update DNS provider configuration.
curl -H "Content-Type: application/json" \
-H "auth-token: your-token-here" \
-X PUT \
-d '{"name": "Updated Name"}' \
https://proxy-host.com/api/dns/provider-idResponses:
200{"message": "\"provider-id\" updated.", ...}404Provider not found
DELETE /api/dns/:id
Remove a DNS provider and all associated domains.
curl -H "auth-token: your-token-here" \
-X DELETE \
https://proxy-host.com/api/dns/provider-idResponses:
200{"message": "provider-id deleted", ...}404Provider not found
GET /api/dns/domain
List all domains from all configured providers.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/dns/domainQuery Parameters:
detail- Include full domain details (optional)
Responses:
200{"results": ["example.com", "test.com"]}
GET /api/dns/domain/:domain
Get details for a specific domain.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/dns/domain/example.comResponses:
200{"results": [{"domain": "example.com", "zoneId": "...", ...}]}404Domain not found
POST /api/dns/domain/refresh/:providerId
Refresh the domain list from a DNS provider's API.
curl -H "auth-token: your-token-here" \
-X POST \
https://proxy-host.com/api/dns/domain/refresh/provider-idResponses:
200{"results": ...}Updated domain list404Provider not found
Retrieve SSL certificate information.
GET /api/cert/:host
Get the SSL certificate for a host.
curl -H "auth-token: your-token-here" \
https://proxy-host.com/api/cert/example.comResponses:
200Certificate data includingcert_pem,fullchain_pem,privkey_pem, expiry information404Certificate not found
All endpoints may return the following error responses:
401{"name": "LoginFailed", "message": "Invalid Credentials, login failed."}- Authentication required or invalid404{"name": "NotFound", "message": "..."}- Resource not found422{"name": "ObjectValidateError", "message": [...], "keys": [...]}- Validation errors500Internal server error
- All timestamps are in milliseconds since epoch
- The
auth-tokenheader is required for all authenticated endpoints - Host names support wildcards:
*(single level) and**(multi-level) - DNS providers are validated on creation - invalid API credentials will be rejected
- Wildcard certificates are automatically renewed 30 days before expiration