System and Auth
Public health, API key auth, operator status, configuration, logs, keys, and proxy management routes.
by @saifyxpro
Auth header
All protected routes use:
Pick the right credential
External scripts, SDKs, workflow tools, CLI calls, and MCP clients should always use a normal API key created from the dashboard. DASHBOARD_INTERNAL_API_KEY is for the dashboard proxy path only.
Public endpoint
| Method | Path | Purpose |
|---|---|---|
GET | /api/health | public health check and route summary |
Operator status
| Method | Path | Purpose |
|---|---|---|
GET | /api/operators/status | list all operators and their current availability |
Config endpoints
| Method | Path | Purpose |
|---|---|---|
GET | /api/config | read current runtime settings |
PATCH | /api/config | update runtime settings and restart browser runtime |
Typical config areas include browser timeout, concurrency, and Camoufox behavior.
Dashboard and logs
| Method | Path | Purpose |
|---|---|---|
GET | /api/dashboard/stats | read dashboard summary metrics |
GET | /api/logs | list paginated request logs |
GET | /api/logs/stats | read aggregated request log stats |
API key management
| Method | Path | Purpose |
|---|---|---|
GET | /api/keys | list API keys |
POST | /api/keys | create API key |
PATCH | /api/keys/:id/revoke | revoke API key |
DELETE | /api/keys/:id | delete API key |
Proxy management
| Method | Path | Purpose |
|---|---|---|
GET | /api/proxies | list all proxies |
GET | /api/proxies/active | list active proxies only |
GET | /api/proxies/:id | read one proxy |
POST | /api/proxies | create proxy |
PATCH | /api/proxies/:id | update proxy |
DELETE | /api/proxies/:id | delete proxy |
POST | /api/proxies/:id/toggle | toggle active state |
POST | /api/proxies/:id/test | test proxy connectivity |
Operational notes
- the dashboard can use
DASHBOARD_INTERNAL_API_KEYon server-side proxy calls - external clients should always use a normal API key
- stored secrets should not be returned raw in responses