Infrastructure API
One API to run your projects.
The /platform/v1 plane manages your projects, members, consumers, devices, billing, domains and SSO. Create a project, mint a scoped API key, and make your first authenticated call in minutes.
The /platform/v1 plane
Everything your integration needs.
Projects & members
Create projects, invite members, and assign roles. Every request is scoped to one project.
Consumers & devices
Provision the end users of your product and the devices they connect from.
Billing
Plans, subscriptions, payment methods and entitlements, on your project's catalog.
Domains
Add and verify custom domains for your project's surfaces.
SSO
Wire OIDC single sign-on for your team and your customers.
API keys
self-serveMint, list, rotate and revoke project-scoped fvpn_ keys — self-serve, from the console or the API itself.
From zero to first call
Create a key, make a call.
Create a project
POST /platform/v1/projects — or pick an existing one from the console.
Mint an API key
POST /platform/v1/api-keys with a label. The plaintext fvpn_v1_ secret is returned exactly once — store it now.
Make your first authenticated call
Send the key as a Bearer token to any /platform/v1 endpoint — start with GET /platform/v1/projects.
# 1. Mint a project-scoped key — the plaintext fvpn_v1_ secret is returned ONCE.
curl -X POST https://api.fvpn.net/platform/v1/api-keys \
-H "Authorization: Bearer $FORESTVPN_TOKEN" \
-H "X-Project-Id: $PROJECT_ID" \
-H "Content-Type: application/json" \
-d '{"name":"ci"}'
# 2. First authenticated call — present the new key as a Bearer token.
curl https://api.fvpn.net/platform/v1/projects \
-H "Authorization: Bearer fvpn_v1_…"import {
Configuration,
PlatformApiKeysApi,
ProjectsApi,
type CreateApiKeyRequest,
} from "@forestvpn/console-api";
const config = new Configuration({ basePath: "https://api.fvpn.net" });
// Mint a key (the secret is on the response exactly once).
const body: CreateApiKeyRequest = { name: "ci" };
const minted = await new PlatformApiKeysApi(config)
.createPlatformApiKey(projectId, body);
const secret = minted.data.secret; // fvpn_v1_…
// First authenticated call with the new key.
const keyed = new Configuration({ basePath: "https://api.fvpn.net", accessToken: secret });
const { data } = await new ProjectsApi(keyed).listMyProjects();One API origin, Bearer auth with a project-scoped key. The plaintext secret is shown once on create or rotate — the API never returns it again.
Build on the Infrastructure API.
Create a project, mint an API key, and make your first authenticated call in minutes.