API Documentation

Welcome to the Gateways API documentation. Most endpoints require authentication. Start here: Authentication & API access — base URL, session JWT vs API keys (sk_, X-API-Key or Authorization: Bearer sk_…), WebSocket / URL token auth, and credential restrictions. For login, signup, 2FA, and profile endpoints, see Authentication & user management.

Base URL

https://api.gateways.app

Authentication

Session token: After login or signup, send the JWT in the Authorization header:

Authorization: Bearer YOUR_SESSION_JWT

API key (automation): Create keys with GET / POST / DELETE /api/users/api-keys (requires a session JWT). Use the secret with X-API-Key: sk_… or Authorization: Bearer sk_…. Details: Authentication & API access. Note: If two-factor authentication (2FA) is enabled for your account, the login process requires an additional verification step. After logging in with email and password, you’ll receive a verification token that must be used with the /api/auth/login/verify-2fa endpoint to complete authentication.

API Endpoints Overview

Core APIs

Authentication & API access — Base URL, session JWT vs API keys (sk_), X-API-Key, WebSocket URL token, credential restrictions.
Authentication & User Management
- User signup, login (with 2FA support), logout
- Two-factor authentication (2FA) login verification
- Password reset (forgot/reset)
- User profile management (update name, email, profile image)
- Change password
- Two-factor authentication (2FA) setup and management
- Session management
- Account deletion
Projects & Environments
- Project management (create, list, update, delete)
- Environment management (create, list, update, delete)
- Default project/environment settings
- Workspace integration (projects belong to workspaces)
Cloud Connections
- Connect AWS accounts
- List and manage cloud connections
- Complete connection setup

Resource Management

Servers & Instances
- Create EC2 instances
- List and manage servers
- Sync instance data from cloud provider (via unified resources API)
- Terminate instances
Unified Resources
- List all resources (instances, databases, applications, etc.)
- Get resource details
- Resource summary statistics
Applications
- Upload application files
- List applications
- Get application details
- Delete applications
Storage Buckets
- Create S3 buckets
- List and manage buckets
- Delete buckets
Bucket Files
- List files in S3 buckets
- Upload files to buckets
- Download files from buckets
- Delete files from buckets
- Get file metadata
Firewalls
- Create security groups
- Manage firewall rules
- Delete firewalls
Utility Resources
- Terminals (SSH/WebSocket to instances)
- Bucket explorers (S3/static website browsing)
- DB monitors (metadata/config for DB dashboards)
Bucket Explorers
- Detailed bucket explorer flows (creation, listing, linking)
Static Websites
- Create S3 buckets with static website hosting
- Configure public access and CORS
- Get website URLs
Databases
- Create RDS database instances (MySQL, PostgreSQL, MariaDB)
- Automatic DB subnet group creation
- Default security group integration
- List and manage databases
- Sync database status from cloud provider (via unified resources API)
- Get database metrics/pulse (CPU, connections, memory, I/O, network)
Cache Servers
- Create serverless ElastiCache instances (Valkey, Memcached, Redis OSS)
- Automatic security group and subnet management
- List and manage cache servers
- Sync cache server status from cloud provider (via unified resources API)
- Query available engine versions
Functions (Serverless/Lambda)
- Create AWS Lambda functions
- Support for multiple runtimes (Node.js, Python, Java, .NET, Go, Ruby)
- x86_64 and ARM64 architecture support
- Upload and update function code
- Invoke functions with custom payloads
- List and manage functions
- Delete functions
- Multiple file support for function packages
- Automatic Function URL generation
DNS Management
- Create DNS hosted zones (Route53)
- List and manage DNS zones
- Create, update, and delete DNS records
- Support for multiple record types (A, AAAA, CNAME, MX, TXT, etc.)
- Automatic name server assignment
- Multi-provider support for Route53 and Cloudflare, depending on project credentials
Subdomains
- Create and manage subdomain resources (blog, support, docs, etc.)
- Link subdomains to parent domains
- Update subdomain descriptions and positions
- Delete subdomains
- Integration with DNS and resource connections
Scalable Servers
- Create Auto Scaling Groups (ASG)
- Manage scalable server capacity (min/max/desired)
- Sync scalable server data from cloud provider (via unified resources API)
- Delete scalable servers
- Integration with DNS and other resources per your deployment
Activity Logs
- View user activity logs
- Filter by project, environment, resource type, and action
- Track resource creation, updates, deletions, and invocations
- Pagination support
Pricing Plans
- List all pricing plans
- Get plan details by slug
- Plan restrictions and limits
Workspaces
- Create and manage workspaces
- List user’s workspaces
- Workspace member management (add, update role, remove)
- Workspace settings and billing
- Role-based access control (owner, admin, member)
Payments
- Create and manage payment methods (Stripe)
- Upgrade workspace plans (with payment)
- Downgrade workspace plans (immediate)
- Stripe integration and frontend setup guide
Resource Connections
- Connect resources together
- Manage connections
- Get connection details
Resource Positions
- Update resource positions on canvas
- Position data in responses
Runtimes & Runtime Servers
- List runtimes catalog (GET /api/runtimes)
- List runtime servers by type (GET /api/runtimes/servers?runtimeName=node)
- Create, get, and delete runtime resources (project/environment-scoped)
- Runtime → instance connections install/remove runtime on server via SSH

Infrastructure & Configuration

Cloud Infrastructure

Get regions
Get instance types and pricing
Get images/AMIs
Get volume types
Get cache engines (Redis, Valkey, Memcached)
Get cache engine versions
Get Lambda runtimes (Node.js, Python, Java, .NET, Go, Ruby, Custom)
Get database types (MySQL, PostgreSQL, etc.)
Get database versions
Get database instance types

Legacy

Legacy Endpoints
- Deprecated endpoints (use project-based endpoints instead)

Common Response Formats

Success Response

{
  "message": "Operation completed successfully",
  "data": { ... }
}

Error Response

{
  "error": "Error Type",
  "message": "Human-readable error message"
}

Status Codes

200 - Success
201 - Created
400 - Bad Request
401 - Unauthorized
403 - Forbidden
404 - Not Found
409 - Conflict
500 - Internal Server Error

Rate Limiting

Currently, there are no rate limits implemented. This may change in future versions.

Pagination

Some endpoints support pagination with page and limit query parameters:

GET /api/endpoint?page=1&limit=50

Response includes pagination metadata:

{
  "pagination": {
    "page": 1,
    "limit": 50,
    "total": 100,
    "totalPages": 2,
    "hasNextPage": true,
    "hasPrevPage": false
  },
  "data": [ ... ]
}

Filtering

Many list endpoints support filtering via query parameters:

type - Filter by resource type
status - Filter by status
region - Filter by region
projectId - Filter by project
environmentId - Filter by environment

See individual endpoint documentation for available filters.

Support

For issues, questions, or contributions, please refer to the main README.md file.

Documentation Index

​Base URL

​Authentication

​API Endpoints Overview

​Core APIs

​Resource Management

​Infrastructure & Configuration

​Legacy

​Common Response Formats

​Success Response

​Error Response

​Status Codes

​Rate Limiting

​Pagination

​Filtering

​Support