SDK & API usage

Use the REST API from Node.js, browser, or any HTTP client. Types are available in the monorepo.

Authentication

Include these headers on every request (except login/register):

• Authorization: Bearer <accessToken> — from login or refresh.
• X-Tenant-Id: <tenantId> — required for tenant-scoped endpoints.
• Alternatively, for server-to-server: X-Api-Key: <apiKey> and X-Tenant-Id.

Base URL

All endpoints are under http://localhost:3001/api/. Set NEXT_PUBLIC_API_URL (or your env) in production.

Example helper (Node or browser)

const API_URL = process.env.GZ_API_URL || 'http://localhost:3001';

async function api(path, options = {}) {
  const token = process.env.GZ_TOKEN || localStorage?.getItem('accessToken');
  const tenantId = process.env.GZ_TENANT_ID || localStorage?.getItem('tenantId');
  const res = await fetch(API_URL + path, {
    ...options,
    headers: {
      'Content-Type': 'application/json',
      ...(token && { Authorization: 'Bearer ' + token }),
      ...(tenantId && { 'X-Tenant-Id': tenantId }),
      ...options.headers,
    },
  });
  if (!res.ok) throw new Error(await res.text() || res.statusText);
  return res.json();
}

// Usage
const apps = await api('/api/apps');
const app = await api('/api/apps', { method: 'POST', body: JSON.stringify({ name: 'My App', slug: 'my-app', template: 'ecommerce' }) });

Types

The monorepo package @gz266/shared-types provides DTOs and types for tenant, app, build, plugin, marketplace, auth, and builder schema. Use it in your app or backend for type-safe API responses:

import type { App, Build, Tenant } from '@gz266/shared-types';

There is no standalone published npm SDK; use fetch (or your HTTP client) with the headers above and the API Reference / OpenAPI spec for request/response shapes.

See code examples →