●api reference · v1

The whole surface, documented.

Every endpoint your dashboard calls is yours. Mint a personal access token, set the Authorization header, and ship. The API is free — you only pay for what you provision.

Base URLhttps://api.evorxa.com/api

Auth headerAuthorization: Bearer <token>

Rate limit60 req/min per token

auth

Authentication

Every request authenticates with a personal access token in the Authorization header. Mint a token in your dashboard at /api-tokens. Each token can be scoped to specific abilities (instances:read, agent:write, waf:*, etc.) or granted full access.

GET/meGet the authenticated user

Returns the user record and the projects they belong to, including the caller's role in each project.

responses

200User and project list

{
  "user": {
    "id": 42,
    "email": "[email protected]",
    "name": "Jane Operator",
    "wallet_balance": 5240,
    "onboarded": true
  },
  "projects": [
    { "id": 1, "name": "default", "type": "personal", "current_user_role": "owner" }
  ]
}

example

curl https://api.evorxa.com/api/me \
  -H "Authorization: Bearer $EVORXA_TOKEN"

GET/me/api-tokensList your personal API tokens

required scope

all

responses

200Token list (without the secret)

[
  {
    "id": 7,
    "name": "CI deployer",
    "abilities": ["instances:read", "instances:write"],
    "last_used_at": "2026-05-14T09:12:03.000Z",
    "created_at": "2026-05-01T18:00:00.000Z"
  }
]

example

curl https://api.evorxa.com/api/me/api-tokens \
  -H "Authorization: Bearer $EVORXA_TOKEN"

POST/me/api-tokensMint a new API token

Request body

name	type	description
`name`required	`string`	Human label for this token.
`abilities`	`string[]`	Optional. Defaults to ["*"] (full access). Use scoped abilities like "instances:read" to limit the token.

responses

201Token created. The plaintext token is returned only once — store it now.

{
  "id": 8,
  "name": "CI deployer",
  "abilities": ["instances:read", "instances:write"],
  "token": "8|aB9xKp2QrLm...",
  "created_at": "2026-05-14T19:42:18.000Z"
}

example

curl -X POST https://api.evorxa.com/api/me/api-tokens \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name":"","abilities":[]}'

DELETE/me/api-tokens/{id}Revoke an API token
Path parameters
name type description
idrequired integer Token ID.
responses
- 204Revoked.
example
```
curl -X DELETE https://api.evorxa.com/api/me/api-tokens/{id} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

name	type	description
`id`required	`integer`	Token ID.

team

Team

Projects are shared workspaces. Each member holds a role. Owners can invite teammates, manage members, rename or delete the project, and take billing-impacting actions (create, upgrade, delete, or reactivate instances). Members get read and non-billing access. Invitations go out by email and expire after seven days.

GET/projects/{project}/membersList members and pending invitations

Returns the project's members with their roles plus any pending invitations. Available to every member of the project.

required scope

all

Path parameters

name	type	description
`project`required	`integer`	Project ID.

responses

200Members and pending invitations.

{
  "project": { "id": 1, "name": "default", "type": "personal" },
  "current_user_role": "owner",
  "members": [
    {
      "id": 3,
      "role": "owner",
      "user": { "id": 42, "name": "Jane Operator", "email": "[email protected]" }
    }
  ],
  "invitations": [
    {
      "id": 9,
      "email": "[email protected]",
      "role": "member",
      "expires_at": "2026-06-02T12:00:00.000Z",
      "inviter": { "id": 42, "name": "Jane Operator", "email": "[email protected]" }
    }
  ]
}

404You are not a member of this project.

example

curl https://api.evorxa.com/api/projects/{project}/members \
  -H "Authorization: Bearer $EVORXA_TOKEN"

POST/projects/{project}/invitationsInvite a teammate by email

Owner only. Sends an email invitation that the recipient accepts while signed in with the same address. The invitation expires after seven days.

required scope

all

Path parameters

name	type	description
`project`required	`integer`	Project ID.

Request body

name	type	description
`email`required	`string`	Recipient email address.
`role`	`string`	Optional. "owner" or "member". Defaults to "member".
`locale`	`string`	Optional. "en" or "ar". Sets the language of the invitation link. Defaults to "en".

responses

201Invitation created and emailed.

{
  "id": 9,
  "project_id": 1,
  "email": "[email protected]",
  "role": "member",
  "expires_at": "2026-06-02T12:00:00.000Z"
}

403Only project owners can invite teammates.
409An active invitation already exists for that email.
422That user is already a project member.

example

curl -X POST https://api.evorxa.com/api/projects/{project}/invitations \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"email":"","role":"","locale":""}'

DELETE/projects/{project}/members/{member}Remove a member
Owner only. Removes a member from the project. A project must always keep at least one owner.
required scope
all
Path parameters
name type description
projectrequired integer Project ID.
memberrequired integer Member record ID, from the members list.
responses
- 204Member removed.
- 403Only project owners can remove members.
- 422Cannot remove the last remaining owner.
example
```
curl -X DELETE https://api.evorxa.com/api/projects/{project}/members/{member} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
DELETE/projects/{project}/invitations/{invite}Cancel a pending invitation
Owner only. Cancels an invitation that has not been accepted yet.
required scope
all
Path parameters
name type description
projectrequired integer Project ID.
inviterequired integer Invitation ID.
responses
- 204Invitation cancelled.
- 403Only project owners can cancel invitations.
- 422Accepted invitations cannot be cancelled.
example
```
curl -X DELETE https://api.evorxa.com/api/projects/{project}/invitations/{invite} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/project-invitations/{token}Look up an invitation
Resolves an invitation token for the signed-in account. Use it to preview the project before accepting. The status is "pending" when your email matches the invited address, or "wrong_email" otherwise.
required scope
all
Path parameters
name type description
tokenrequired string Invitation token from the email link.
responses
- 200Invitation details for the current account.
  { "status": "pending", "current_user_email": "[email protected]", "invitation": { "id": 9, "email": "[email protected]", "role": "member", "expires_at": "2026-06-02T12:00:00.000Z", "project": { "id": 1, "name": "default", "type": "personal" }, "invited_by": { "id": 42, "name": "Jane Operator", "email": "[email protected]" } } }
- 410Invitation is no longer valid (status "expired", "cancelled", or "accepted").
example
```
curl https://api.evorxa.com/api/project-invitations/{token} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/project-invitations/{token}/acceptAccept an invitation
Joins the project as the invited role. You must be signed in with the email address the invitation was sent to. Accepting twice is safe and does not create a duplicate membership.
required scope
all
Path parameters
name type description
tokenrequired string Invitation token from the email link.
responses
- 200Joined. Returns the project and your membership.
  { "status": "accepted", "project": { "id": 1, "name": "default", "type": "personal" }, "membership": { "id": 12, "project_id": 1, "user_id": 57, "role": "member" } }
- 403Signed in with a different email (status "wrong_email").
- 410Invitation is expired, cancelled, or already accepted.
example
```
curl -X POST https://api.evorxa.com/api/project-invitations/{token}/accept \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

name	type	description
`token`required	`string`	Invitation token from the email link.

name	type	description
`token`required	`string`	Invitation token from the email link.

instances

Instances

Provision, list, inspect, power-cycle, reinstall, upgrade, and retire VPS instances. Pricing is debited from the wallet at creation and at upgrade.

GET/instancesList instances

required scope

instances:read

Query parameters

name	type	description
`project_id`	`integer`	Filter to one project. Defaults to all projects you own.

responses

200Array of instances.

[
  {
    "id": "01H9...",
    "name": "api-prod-1",
    "hostname": "api-prod-1.server.evorxa.net",
    "plan": "scout-2",
    "status": "running",
    "main_ip": "203.0.113.42",
    "vcpu": 2, "ram": 4, "storage": 60,
    "billed_till": "2026-06-14T00:00:00.000Z",
    "ip_addresses": [...]
  }
]

example

curl https://api.evorxa.com/api/instances \
  -H "Authorization: Bearer $EVORXA_TOKEN"

POST/instancesProvision a new instance

Provisions a server on the Evorxa platform, builds the OS, debits the wallet, and returns the new record. The instance starts in 'provisioning' status and transitions to 'running' once the OS boots.

required scope

instances:write

Request body

name	type	description
`name`required	`string`	Display name. Used in hostname derivation.
`hostname`required	`string`	FQDN. Auto-managed reverse DNS.
`project_id`required	`integer`	Owning project.
`package_id`required	`integer`	Plan package ID. See /me/catalog/plans.
`category`required	`string`	Either "standard" or "cpu-optimized".
`os_template_id`required	`integer`	From /catalog/os-templates/{packageId}.
`os_name`required	`string`	Display label for the OS.
`billing_cycle`required	`string`	"monthly", "6months", or "yearly".
`ssh_key_ids`	`integer[]`	Optional. SSH keys to inject at build time.

responses

201Instance created. Status is 'provisioning'.
402Insufficient wallet balance.
422Invalid plan, package, or category.

example

curl -X POST https://api.evorxa.com/api/instances \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name":"","hostname":"","project_id":0,"package_id":0,"category":"","os_template_id":0,"os_name":"","billing_cycle":"","ssh_key_ids":[]}'

GET/instances/{id}Get an instance

required scope

instances:read

Path parameters

name	type	description
`id`required	`string`	Instance UUID.

responses

200Instance with live runtime state attached.

{
  "id": "01H9...",
  "name": "api-prod-1",
  "status": "running",
  "vf_state": "complete",
  "vf_remote_state": {
    "state": "running",
    "cpu": 12.4,
    "memory": { "memtotal": 4194304, "memfree": 1572864 }
  }
}

404Instance not found or deleted.

example

curl https://api.evorxa.com/api/instances/{id} \
  -H "Authorization: Bearer $EVORXA_TOKEN"

DELETE/instances/{id}Delete an instance
required scope
instances:write
Path parameters
name type description
idrequired string Instance UUID.
Request body
name type description
moderequired string "immediate" (delete now, prorated refund) or "end_of_cycle" (cancel renewal).
responses
- 200Deleted, with refund amount in cents.
example
```
curl -X DELETE https://api.evorxa.com/api/instances/{id} \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"mode":""}'
```
POST/instances/{id}/power/{action}Power action
Boot, shutdown, restart, or hard power-off. Local status moves to a transitional state and syncs from the hypervisor.
required scope
instances:write
Path parameters
name type description
idrequired string Instance UUID.
actionrequired string boot · shutdown · restart · poweroff
responses
- 200Command dispatched.
example
```
curl -X POST https://api.evorxa.com/api/instances/{id}/power/{action} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/instances/{id}/metricsCPU / RAM / disk / network
Live snapshot from the hypervisor plus stored history for the requested period.
required scope
analytics:read
Path parameters
name type description
idrequired string Instance UUID.
Query parameters
name type description
period string "5m", "30m", "1h", "6h", "12h", "24h". Default "1h".
responses
- 200Current snapshot + history points.
  { "current": { "cpu_percent": 12.4, "memory_used_kb": 2621440, "memory_total_kb": 4194304, "disk_used_bytes": 12884901888, "disk_total_bytes": 64424509440, "network_rx_bytes": 938472847, "network_tx_bytes": 271938247 }, "history": [...] }
example
```
curl https://api.evorxa.com/api/instances/{id}/metrics \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/instances/{id}/upgradeUpgrade plan
Prorates the difference and debits the wallet. Optionally reboots immediately.
required scope
instances:write
Path parameters
name type description
idrequired string Instance UUID.
Request body
name type description
package_idrequired integer Target plan package.
rebootrequired boolean Reboot immediately to apply.
responses
- 200Upgraded with prorated charge.
- 402Insufficient wallet balance for the difference.
example
```
curl -X POST https://api.evorxa.com/api/instances/{id}/upgrade \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"package_id":0,"reboot":false}'
```
POST/instances/{id}/reinstallReinstall the OS
required scope
instances:write
Path parameters
name type description
idrequired string Instance UUID.
Request body
name type description
os_template_idrequired integer From /instances/{id}/reinstall-options.
os_namerequired string Display label.
responses
- 200Reinstall started. Status moves to 'provisioning'.
example
```
curl -X POST https://api.evorxa.com/api/instances/{id}/reinstall \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"os_template_id":0,"os_name":""}'
```
GET/instances/{id}/reinstall-optionsList OS templates for reinstall
required scope
instances:read
Path parameters
name type description
idrequired string Instance UUID.
responses
- 200OS template groups.
example
```
curl https://api.evorxa.com/api/instances/{id}/reinstall-options \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/instances/{id}/reset-passwordGenerate a new root/Administrator password
required scope
instances:write
Path parameters
name type description
idrequired string Instance UUID.
responses
- 200New password returned in cleartext (once).
example
```
curl -X POST https://api.evorxa.com/api/instances/{id}/reset-password \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/instances/{id}/cancel-deletionUndo a scheduled deletion
required scope
instances:write
Path parameters
name type description
idrequired string Instance UUID.
responses
- 200Deletion cancelled, billing resumed.
example
```
curl -X POST https://api.evorxa.com/api/instances/{id}/cancel-deletion \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/instances/{id}/reactivateReactivate a suspended instance
Debits the cycle cost from the wallet, extends billed_till, and unsuspends the instance.
required scope
instances:write
Path parameters
name type description
idrequired string Instance UUID.
responses
- 200Reactivated.
- 402Insufficient wallet balance.
example
```
curl -X POST https://api.evorxa.com/api/instances/{id}/reactivate \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/instances/{id}/vncVNC console URL
required scope
instances:read
Path parameters
name type description
idrequired string Instance UUID.
responses
- 200wss URL with token + VNC password.
example
```
curl https://api.evorxa.com/api/instances/{id}/vnc \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

name	type	description
`mode`required	`string`	"immediate" (delete now, prorated refund) or "end_of_cycle" (cancel renewal).

name	type	description
`period`	`string`	"5m", "30m", "1h", "6h", "12h", "24h". Default "1h".

name	type	description
`package_id`required	`integer`	Target plan package.
`reboot`required	`boolean`	Reboot immediately to apply.

name	type	description
`os_template_id`required	`integer`	From /instances/{id}/reinstall-options.
`os_name`required	`string`	Display label.

agent

AI Agent

An LLM-driven operator with SSH into your box and a tool kit (shell, file edit, log tail). Open a chat to an instance and stream the agent's actions back. Credits are debited from your AI Agent credit pool, separate from the wallet.

GET/agent/creditsGet AI agent credit balance

required scope

agent:read

responses

200Balance in cents, includes trial credit.

{ "balance_cents": 1240, "trial_remaining_cents": 500 }

example

curl https://api.evorxa.com/api/agent/credits \
  -H "Authorization: Bearer $EVORXA_TOKEN"

POST/instances/{id}/agent/chatSend a message to the agent
Starts a new conversation or appends to an existing one. The agent may issue tool calls (shell, file edit) which run on your instance via SSH. Each tool call and token is metered.
required scope
agent:write
Path parameters
name type description
idrequired string Instance UUID.
Request body
name type description
messagerequired string User prompt.
conversation_id integer Optional. Continue an existing conversation.
responses
- 200Conversation record with appended assistant message + any tool transcripts.
- 402Out of AI credits.
- 403Instance is suspended.
example
```
curl -X POST https://api.evorxa.com/api/instances/{id}/agent/chat \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"message":"","conversation_id":0}'
```
GET/instances/{id}/agent/conversationsList conversations for an instance
required scope
agent:read
Path parameters
name type description
idrequired string Instance UUID.
responses
- 200Conversations, newest first.
example
```
curl https://api.evorxa.com/api/instances/{id}/agent/conversations \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/instances/{id}/agent/conversations/{convId}Get a conversation transcript
required scope
agent:read
Path parameters
name type description
idrequired string Instance UUID.
convIdrequired integer Conversation ID.
responses
- 200Full message + tool call transcript.
example
```
curl https://api.evorxa.com/api/instances/{id}/agent/conversations/{convId} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
DELETE/instances/{id}/agent/conversations/{convId}Delete a conversation
required scope
agent:write
Path parameters
name type description
idrequired string Instance UUID.
convIdrequired integer Conversation ID.
responses
- 204Deleted.
example
```
curl -X DELETE https://api.evorxa.com/api/instances/{id}/agent/conversations/{convId} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/instances/{id}/agent/telegramGet Telegram link status
required scope
agent:read
Path parameters
name type description
idrequired string Instance UUID.
responses
- 200Linked Telegram chat ID, or null.
example
```
curl https://api.evorxa.com/api/instances/{id}/agent/telegram \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/instances/{id}/agent/telegramLink a Telegram chat to the agent
required scope
agent:write
Path parameters
name type description
idrequired string Instance UUID.
Request body
name type description
telegram_chat_idrequired string From the /start reply.
responses
- 200Linked.
example
```
curl -X POST https://api.evorxa.com/api/instances/{id}/agent/telegram \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"telegram_chat_id":""}'
```

name	type	description
`message`required	`string`	User prompt.
`conversation_id`	`integer`	Optional. Continue an existing conversation.

name	type	description
`telegram_chat_id`required	`string`	From the /start reply.

shield

Shield · Firewall & Visibility

Per-IP firewall rules, RDNS, bandwidth caps, and ingress visibility (top IPs, top ASNs, country breakdown, port mix, PPS). Backed by in-house Shield nodes.

GET/shield/ipsList protected IPs
required scope
shield:read
responses
- 200IPs with rule counts, policy summary, current bandwidth.
example
```
curl https://api.evorxa.com/api/shield/ips \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/shield/ips/{id}Get a protected IP
required scope
shield:read
Path parameters
name type description
idrequired integer IP record ID.
responses
- 200Full IP profile: rules, policy, RDNS.
example
```
curl https://api.evorxa.com/api/shield/ips/{id} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/shield/ips/{id}/rulesCreate a firewall rule
required scope
shield:write
Path parameters
name type description
idrequired integer IP record ID.
Request body
name type description
actionrequired string "allow" or "block".
protocolrequired string "tcp", "udp", or "any".
src_cidr string Source CIDR. Defaults to 0.0.0.0/0.
dst_port integer Destination port. Null = any.
responses
- 201Rule created and pushed to Shield nodes.
example
```
curl -X POST https://api.evorxa.com/api/shield/ips/{id}/rules \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"action":"","protocol":"","src_cidr":"","dst_port":0}'
```
PUT/shield/ips/{id}/rules/{ruleId}Update a firewall rule
required scope
shield:write
Path parameters
name type description
idrequired integer IP record ID.
ruleIdrequired integer Rule ID.
responses
- 200Updated.
example
```
curl -X PUT https://api.evorxa.com/api/shield/ips/{id}/rules/{ruleId} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
DELETE/shield/ips/{id}/rules/{ruleId}Delete a firewall rule
required scope
shield:write
Path parameters
name type description
idrequired integer IP record ID.
ruleIdrequired integer Rule ID.
responses
- 204Deleted.
example
```
curl -X DELETE https://api.evorxa.com/api/shield/ips/{id}/rules/{ruleId} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
PUT/shield/ips/{id}/policyUpdate default policy
required scope
shield:write
Path parameters
name type description
idrequired integer IP record ID.
Request body
name type description
default_in string "allow" or "block".
default_out string "allow" or "block".
responses
- 200Policy updated.
example
```
curl -X PUT https://api.evorxa.com/api/shield/ips/{id}/policy \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"default_in":"","default_out":""}'
```
GET/shield/ips/{id}/bandwidthBandwidth samples
required scope
analytics:read
Path parameters
name type description
idrequired integer IP record ID.
responses
- 200Time-series of bps in/out.
example
```
curl https://api.evorxa.com/api/shield/ips/{id}/bandwidth \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/shield/ips/{id}/visibility/top-ipsTop source IPs
required scope
analytics:read
Path parameters
name type description
idrequired integer IP record ID.
responses
- 200Ranked list of source IPs by bytes/packets.
example
```
curl https://api.evorxa.com/api/shield/ips/{id}/visibility/top-ips \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/shield/ips/{id}/visibility/top-asnsTop source ASNs
required scope
analytics:read
Path parameters
name type description
idrequired integer IP record ID.
responses
- 200Ranked ASN list.
example
```
curl https://api.evorxa.com/api/shield/ips/{id}/visibility/top-asns \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/shield/ips/{id}/visibility/countriesCountry breakdown
required scope
analytics:read
Path parameters
name type description
idrequired integer IP record ID.
responses
- 200Country share of incoming traffic.
example
```
curl https://api.evorxa.com/api/shield/ips/{id}/visibility/countries \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/shield/ips/{id}/visibility/portsPort distribution
required scope
analytics:read
Path parameters
name type description
idrequired integer IP record ID.
responses
- 200Most-hit destination ports.
example
```
curl https://api.evorxa.com/api/shield/ips/{id}/visibility/ports \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/shield/ips/{id}/visibility/ppsPackets per second
required scope
analytics:read
Path parameters
name type description
idrequired integer IP record ID.
responses
- 200Time-series PPS.
example
```
curl https://api.evorxa.com/api/shield/ips/{id}/visibility/pps \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

name	type	description
`id`required	`integer`	IP record ID.

name	type	description
`id`required	`integer`	IP record ID.

name	type	description
`action`required	`string`	"allow" or "block".
`protocol`required	`string`	"tcp", "udp", or "any".
`src_cidr`	`string`	Source CIDR. Defaults to 0.0.0.0/0.
`dst_port`	`integer`	Destination port. Null = any.

name	type	description
`id`required	`integer`	IP record ID.
`ruleId`required	`integer`	Rule ID.

name	type	description
`id`required	`integer`	IP record ID.
`ruleId`required	`integer`	Rule ID.

name	type	description
`id`required	`integer`	IP record ID.

name	type	description
`default_in`	`string`	"allow" or "block".
`default_out`	`string`	"allow" or "block".

name	type	description
`id`required	`integer`	IP record ID.

name	type	description
`id`required	`integer`	IP record ID.

name	type	description
`id`required	`integer`	IP record ID.

name	type	description
`id`required	`integer`	IP record ID.

name	type	description
`id`required	`integer`	IP record ID.

name	type	description
`id`required	`integer`	IP record ID.

waf

Web Application Firewall

Front your apps with a managed WAF + DDoS layer. Add hostnames, get TLS issued automatically, toggle rule sets, and roll back at any time.

GET/shield/wafList WAF applications
required scope
waf:read
responses
- 200Apps with hostnames, firewall state, origin IP.
example
```
curl https://api.evorxa.com/api/shield/waf \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

POST/shield/wafCreate a WAF application

required scope

waf:write

Request body

name	type	description
`name`required	`string`	Application label.
`origin_ip`required	`string`	Origin (instance) IP.
`origin_port`	`integer`	Defaults to 80/443.
`hostname`required	`string`	Primary hostname (CNAME this to the issued edge).

responses

201App created. TLS issuance is queued.

example

curl -X POST https://api.evorxa.com/api/shield/waf \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name":"","origin_ip":"","origin_port":0,"hostname":""}'

GET/shield/waf/{id}Get a WAF application
required scope
waf:read
Path parameters
name type description
idrequired integer App ID.
responses
- 200App with hostnames + SSL status.
example
```
curl https://api.evorxa.com/api/shield/waf/{id} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
DELETE/shield/waf/{id}Delete a WAF application
required scope
waf:write
Path parameters
name type description
idrequired integer App ID.
responses
- 204Deleted.
example
```
curl -X DELETE https://api.evorxa.com/api/shield/waf/{id} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/shield/waf/{id}/firewallToggle WAF firewall
required scope
waf:write
Path parameters
name type description
idrequired integer App ID.
Request body
name type description
enabledrequired boolean Enable or disable the rule set.
responses
- 200State toggled.
example
```
curl -X POST https://api.evorxa.com/api/shield/waf/{id}/firewall \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"enabled":false}'
```
POST/shield/waf/{id}/hostnamesAdd a hostname to a WAF app
required scope
waf:write
Path parameters
name type description
idrequired integer App ID.
Request body
name type description
hostnamerequired string Hostname to add. SSL will be issued.
responses
- 201Hostname added, SSL queued.
example
```
curl -X POST https://api.evorxa.com/api/shield/waf/{id}/hostnames \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"hostname":""}'
```
POST/shield/waf/{id}/hostnames/{hostnameId}/retry-sslRetry SSL issuance
required scope
waf:write
Path parameters
name type description
idrequired integer App ID.
hostnameIdrequired integer Hostname ID.
responses
- 200Retry queued.
example
```
curl -X POST https://api.evorxa.com/api/shield/waf/{id}/hostnames/{hostnameId}/retry-ssl \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
DELETE/shield/waf/{id}/hostnames/{hostnameId}Remove a hostname
required scope
waf:write
Path parameters
name type description
idrequired integer App ID.
hostnameIdrequired integer Hostname ID.
responses
- 204Removed.
example
```
curl -X DELETE https://api.evorxa.com/api/shield/waf/{id}/hostnames/{hostnameId} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

name	type	description
`id`required	`integer`	App ID.

name	type	description
`id`required	`integer`	App ID.

wallet

Wallet & Billing

Balance, transactions, and top-ups. Wallet is the money primitive — all paid actions (instance create/upgrade, reactivate) debit from it.

GET/wallet/balanceGet wallet balance

required scope

wallet:read

responses

200Balance and a fresh exchange rate.

{ "balance_cents": 5240, "balance_usd": 52.40 }

example

curl https://api.evorxa.com/api/wallet/balance \
  -H "Authorization: Bearer $EVORXA_TOKEN"

GET/wallet/transactionsList transactions
required scope
wallet:read
Query parameters
name type description
type string "debit", "credit", or both.
limit integer Default 50, max 200.
responses
- 200Paginated transaction ledger.
example
```
curl https://api.evorxa.com/api/wallet/transactions \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

catalog

Catalog

What you can buy. Public read-only catalog (no auth) plus an authenticated /me view.

GET/catalog/plansPublic plans (no auth)
Query parameters
name type description
currency string Optional. USD (default), SAR, or EGP. Converts prices using the latest stored rate.
responses
- 200Plan categories with per-cycle pricing in the requested currency.
example
```
curl https://api.evorxa.com/api/catalog/plans \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

GET/catalog/regionsPublic regions (no auth)

responses

200Region codes, names, flags.

example

curl https://api.evorxa.com/api/catalog/regions \
  -H "Authorization: Bearer $EVORXA_TOKEN"

GET/catalog/billing-cyclesPublic billing cycles (no auth)
responses
- 200Monthly, 6-month, yearly + their cycle discounts.
example
```
curl https://api.evorxa.com/api/catalog/billing-cycles \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/catalog/exchange-ratesPublic USD-based FX rates (no auth)
responses
- 200Rates for USD, SAR, EGP plus the fetched_at timestamp. Refreshed daily from public reference data.
example
```
curl https://api.evorxa.com/api/catalog/exchange-rates \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/me/catalog/plansAuthenticated plans
responses
- 200Same shape as public, with personalised pricing applied.
example
```
curl https://api.evorxa.com/api/me/catalog/plans \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
GET/catalog/os-templates/{packageId}OS templates for a package
required scope
instances:read
Path parameters
name type description
packageIdrequired integer Plan package ID.
responses
- 200OS groups with template variants.
example
```
curl https://api.evorxa.com/api/catalog/os-templates/{packageId} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

ssh-keys

SSH Keys

Public SSH keys that can be injected at instance build time. Stored once, reused everywhere.

GET/ssh-keysList SSH keys
required scope
instances:read
responses
- 200Your registered keys.
example
```
curl https://api.evorxa.com/api/ssh-keys \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```
POST/ssh-keysAdd an SSH key
required scope
instances:write
Request body
name type description
namerequired string Label.
public_keyrequired string OpenSSH-format public key.
responses
- 201Created.
example
```
curl -X POST https://api.evorxa.com/api/ssh-keys \
  -H "Authorization: Bearer $EVORXA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name":"","public_key":""}'
```
DELETE/ssh-keys/{id}Delete an SSH key
required scope
instances:write
Path parameters
name type description
idrequired integer Key ID.
responses
- 204Deleted.
example
```
curl -X DELETE https://api.evorxa.com/api/ssh-keys/{id} \
  -H "Authorization: Bearer $EVORXA_TOKEN"
```

name	type	description
`type`	`string`	"debit", "credit", or both.
`limit`	`integer`	Default 50, max 200.

name	type	description
`name`required	`string`	Label.
`public_key`required	`string`	OpenSSH-format public key.