Docs version 1.0.0

Getting Started

Foundation docs that explain the platform architecture, onboarding flow, and how to deploy your first tenant app.

Forge CLI

Command reference, automation workflows, and provider integrations for the Forge CLI surface.

Forge API

HTTP API endpoints, authentication, and usage examples for automating projects outside the CLI.

SDK & Packages

Client libraries, hooks, and configuration helpers that power generated apps and the dashboard.

Integration Guides

How App Factory integrates with Supabase, Stripe, Vercel, domains, analytics, and legacy mobile tooling.

Operations & Compliance

Runbooks, infrastructure playbooks, security posture, audits, and the continuously updated changelog.

🔍⌘K

Start typing to search docs.

Forge API Overview

1.0.0

API surface, auth flows, and when to favor API vs CLI.

On this page

When to use the API
Authentication
Example: list apps
Example: fetch integration credentials
Reference materials

When to use the API

Use the Forge API whenever you need to automate configuration or telemetry outside the CLI:

Sync orgs/apps into customer success tools.
Pull generated environment variables into existing CD pipelines.
Audit pricing, store metadata, or domain status for compliance reports.

Authentication

Info

Every request requires an API key in the X-API-Key header. Keys map to a specific organization; rotate them through the dashboard or Doppler.

Keys inherit the same RLS controls as the Supabase service role tokens.
Check rate limits via the X-RateLimit-* headers on each response.

Example: list apps

curl

curl -H 'X-API-Key: $FORGE_API_KEY' https://api.app-factory.com/v1/orgs/org_123/apps

View

import fetch from 'node-fetch';

const res = await fetch('https://api.app-factory.com/v1/orgs/org_123/apps', {
  headers: { 'X-API-Key': process.env.FORGE_API_KEY! },
});
const data = await res.json();

import requests

response = requests.get(
    'https://api.app-factory.com/v1/orgs/org_123/apps',
    headers={'X-API-Key': FORGE_API_KEY}
)
data = response.json()

Example: fetch integration credentials

Warning

This endpoint requires an API key created with the secrets:read scope. Keys with lower scopes receive a 403 response.

curl

curl -H 'X-API-Key: $FORGE_API_KEY' \
'https://api.app-factory.com/v1/keys/self/credentials?appId=app_123'

View

import fetch from 'node-fetch';

const res = await fetch('https://api.app-factory.com/v1/keys/self/credentials?appId=app_123', {
  headers: { 'X-API-Key': process.env.FORGE_API_KEY! },
});

if (!res.ok) {
  throw new Error(`Credential fetch failed: ${res.status}`);
}

const bundle = await res.json();
console.log(bundle.data.apps[0].integrations);

import requests

response = requests.get(
    "https://api.app-factory.com/v1/keys/self/credentials",
    params={"appId": "app_123"},
    headers={"X-API-Key": FORGE_API_KEY},
)
response.raise_for_status()
bundle = response.json()
print(bundle["data"]["apps"][0]["secrets"])

Reference materials

See the API reference generated from ops/forge-api/openapi.yaml.
Review authentication patterns to manage service tokens safely.