Skip to main content
Hostifer exposes a REST API for authentication, project management, deployments, and GitHub integration.

Base URL

Use your backend URL as the API origin.
  • Local development: http://localhost:3000
  • Production: your deployed Hostifer backend URL

Authentication

You authenticate protected routes with a Bearer token in the Authorization header. 
Authorization: Bearer <access_token>
Get tokens from POST /auth/login, then refresh them with POST /auth/refresh when needed.
Most routes under Projects, Deployments, and GitHub require a valid Bearer token.

Request and response format

You send and receive JSON for standard REST endpoints.
  • Content type: application/json
  • Error responses: NestJS exception payloads with an HTTP status code and message
  • Validation: request DTO validation is enforced for core modules

Streaming logs (SSE)

The deployment logs route streams Server-Sent Events instead of a single JSON response.
  • Endpoint: GET /deployments/:id/logs
  • Content type: text/event-stream
  • Event payloads include ready, log lines, error, and done

GitHub webhook verification

The GitHub webhook endpoint validates the x-hub-signature-256 signature against the raw request body.
  • Endpoint: POST /github/webhook
  • Headers required: x-github-event, x-hub-signature-256

Environment variables in API testing

The backend Postman collection uses these common variables:
  • baseUrl
  • accessToken
  • refreshToken
  • userId
  • projectId
  • deploymentId
Use the pages in this API reference tab to see per-module endpoint behavior and examples.