← Documentation// API REFERENCE

REST API

Every action the Boottify dashboard performs is also callable from your own code. Provision tenants, roll out deploys, rotate keys, and wire billing events into your product — all under your brand.

Stable endpoints below. Full OpenAPI spec shipping Q3 — ping us if you need it sooner.

Auth

Session-cookie auth (Lucia v3). OAuth callbacks below. All API requests require a valid session unless marked public.

POST/api/auth/sign-inPublic

Email + password sign-in.

Request

{ "email": "you@acme.dev", "password": "••••" }

Response

{ "user": { "id": "...", "email": "...", "role": "..." } }

// noteSets a session cookie. Respects auth rate limits from auth_settings.

GET/api/auth/heartbeatSession cookie

Check the current session (null if signed out).

Response

{ "id": "...", "email": "...", "firstName": "...", "role": "CLIENT" }

POST/api/auth/sign-outSession cookie

Invalidate the current session.

Response

{ "ok": true }

Apps

Manage deployed apps. App-scoped endpoints are enforced by owner/collaborator role.

POST/api/client/quick-deploySession cookie

One-click ForgeHub workspace (free tier).

Request

// no body

Response

{ "deploymentId": "...", "appId": "...", "subdomain": "you.boottify.com" }

// noteRate limited 1 per 10 minutes per user. Requires a verified email. Returns 503 with Retry-After if the cluster is at the free-tier concurrency cap.

POST/api/deploySession cookie

Full deploy via the wizard (marketplace template + paid plan).

Request

{
  "appTemplateId": "...",
  "appName": "my-shop",
  "domainType": "subdomain" | "custom",
  "subdomain": "my-shop",
  "customDomain": "shop.example.com",
  "planId": "...",
  "paymentMethod": "stripe" | "paypal" | "wire" | "free"
}

Response

{ "deploymentId": "...", "checkoutUrl"?: "..." }

GET/api/client/appsSession cookie

List apps owned by or shared with the authenticated user.

Response

{ "apps": [ { "id": "...", "name": "...", "status": "ACTIVE", "subdomain": "..." } ] }

Team

Invite collaborators to an app. Invitation tokens are signed and single-use — see `/docs/security` for the threat model.

POST/api/client/team/inviteSession + app owner

Send a signed invitation email.

Request

{ "email": "teammate@acme.dev", "appId": "...", "role": "viewer" | "editor" | "admin" }

Response

{ "invitationId": "...", "expiresAt": "2026-05-04T00:00:00Z" }

// noteUniform response — the endpoint does not leak whether the invitee already has an account.

POST/api/client/team/acceptSession cookie

Accept an invitation after clicking the emailed link.

Request

{ "token": "..." }

Response

{ "appId": "...", "role": "editor" }

// noteSession email MUST match the email the invite was sent to. Single-use, expires in 14 days.

Billing

Stripe-backed. All subscription lifecycle events flow through our webhook.

GET/api/client/billing/subscriptionsSession cookie

List active subscriptions for the current user.

Response

{ "subscriptions": [ { "id": "...", "plan": "professional", "status": "ACTIVE", "renewsAt": "..." } ] }

POST/api/webhooks/stripeSigned token

Stripe webhook receiver.

Response

{ "received": true }

// noteVerified via Stripe signature header. Do not call directly. Handles customer.subscription.created/updated/deleted and invoice lifecycle events.

Marketplace

Browse templates. Pass `curated=true` for the agency-focused shortlist; omit to see the full catalog.

GET/api/marketplace/appsPublic

List marketplace templates.

Request

// query: ?search=ghost&category=cms&curated=true&page=1&limit=24

Response

{ "templates": [ ... ], "categories": [ ... ], "pagination": { ... } }

Public

Unauthenticated endpoints used by the marketing surface.

GET/api/public/uptimePublic

Cluster uptime for the landing trust bar.

Response

{ "percent": 99.97, "status": "operational", "windowDays": 30, "updatedAt": "..." }

POST/api/unsubscribe?t=<token>Signed token

RFC 8058 one-click unsubscribe.

Request

// body: List-Unsubscribe=One-Click

Response

{ "ok": true }

// noteHonored by Gmail, Yahoo, Apple Mail. Required to stay out of the spam folder for bulk campaigns.

Missing an endpoint?

This is the shortlist. If you're integrating Boottify into your own product and need something that isn't here, ask — we'll expose it if it's a reasonable primitive.

Request an endpoint →

Auth

Session-cookie auth (Lucia v3). OAuth callbacks below. All API requests require a valid session unless marked public.

POST/api/auth/sign-inPublic

Email + password sign-in.

Request

{ "email": "you@acme.dev", "password": "••••" }

Response

{ "user": { "id": "...", "email": "...", "role": "..." } }

// noteSets a session cookie. Respects auth rate limits from auth_settings.

GET/api/auth/heartbeatSession cookie

Check the current session (null if signed out).

Response

{ "id": "...", "email": "...", "firstName": "...", "role": "CLIENT" }

POST/api/auth/sign-outSession cookie

Invalidate the current session.

Response

{ "ok": true }

Apps

Manage deployed apps. App-scoped endpoints are enforced by owner/collaborator role.

POST/api/client/quick-deploySession cookie

One-click ForgeHub workspace (free tier).

Request

// no body

Response

{ "deploymentId": "...", "appId": "...", "subdomain": "you.boottify.com" }

// noteRate limited 1 per 10 minutes per user. Requires a verified email. Returns 503 with Retry-After if the cluster is at the free-tier concurrency cap.

POST/api/deploySession cookie

Full deploy via the wizard (marketplace template + paid plan).

Request

{
  "appTemplateId": "...",
  "appName": "my-shop",
  "domainType": "subdomain" | "custom",
  "subdomain": "my-shop",
  "customDomain": "shop.example.com",
  "planId": "...",
  "paymentMethod": "stripe" | "paypal" | "wire" | "free"
}

Response

{ "deploymentId": "...", "checkoutUrl"?: "..." }

GET/api/client/appsSession cookie

List apps owned by or shared with the authenticated user.

Response

{ "apps": [ { "id": "...", "name": "...", "status": "ACTIVE", "subdomain": "..." } ] }

Team

Invite collaborators to an app. Invitation tokens are signed and single-use — see `/docs/security` for the threat model.

POST/api/client/team/inviteSession + app owner

Send a signed invitation email.

Request

{ "email": "teammate@acme.dev", "appId": "...", "role": "viewer" | "editor" | "admin" }

Response

{ "invitationId": "...", "expiresAt": "2026-05-04T00:00:00Z" }

// noteUniform response — the endpoint does not leak whether the invitee already has an account.

POST/api/client/team/acceptSession cookie

Accept an invitation after clicking the emailed link.

Request

{ "token": "..." }

Response

{ "appId": "...", "role": "editor" }

// noteSession email MUST match the email the invite was sent to. Single-use, expires in 14 days.

Billing

Stripe-backed. All subscription lifecycle events flow through our webhook.

GET/api/client/billing/subscriptionsSession cookie

List active subscriptions for the current user.

Response

{ "subscriptions": [ { "id": "...", "plan": "professional", "status": "ACTIVE", "renewsAt": "..." } ] }

POST/api/webhooks/stripeSigned token

Stripe webhook receiver.

Response

{ "received": true }

// noteVerified via Stripe signature header. Do not call directly. Handles customer.subscription.created/updated/deleted and invoice lifecycle events.

Marketplace

Browse templates. Pass `curated=true` for the agency-focused shortlist; omit to see the full catalog.

GET/api/marketplace/appsPublic

List marketplace templates.

Request

// query: ?search=ghost&category=cms&curated=true&page=1&limit=24

Response

{ "templates": [ ... ], "categories": [ ... ], "pagination": { ... } }

Public

Unauthenticated endpoints used by the marketing surface.

GET/api/public/uptimePublic

Cluster uptime for the landing trust bar.

Response

{ "percent": 99.97, "status": "operational", "windowDays": 30, "updatedAt": "..." }

POST/api/unsubscribe?t=<token>Signed token

RFC 8058 one-click unsubscribe.

Request

// body: List-Unsubscribe=One-Click

Response

{ "ok": true }

// noteHonored by Gmail, Yahoo, Apple Mail. Required to stay out of the spam folder for bulk campaigns.