Skip to content
Infrastructure API

Infrastructure API

How the ForestVPN platform is shaped — projects, planes, authentication, and the guides that take you from zero to production.

The ForestVPN Infrastructure API is one HTTPS API at https://api.fvpn.net, split into role-scoped planes — the URL prefix tells you who a call acts as:

  • /platform/v1/* — the project surface: everything you do as a project (manage the project, mint API keys, read billing, inspect webhooks). Authenticated with a console session or a project API key.
  • /consumer/v1/* — the end-user surface: everything a project's end user (a consumer account and its devices) does. Authenticated with consumer/device credentials, never with staff keys.

Every operation on both planes is documented in the API reference, generated from the same committed OpenAPI documents the SDK clients are built from — the reference and the clients cannot disagree.

The mental model

  1. A project is your isolated tenant — members, keys, consumers, devices, and billing all hang off it. Requests carry the project UUID in the X-Project-Id header.
  2. Consumers are your end users — a separate identity system (/consumer/v1) fully scoped inside your project.
  3. Devices belong to consumers and are the unit the VPN actually connects.
  4. Billing webhooks give you an auditable record of every vendor billing event the platform processed for your project.

On this page