2026-04-29
Added
App Activity API
A new endpoint for retrieving the activity feed of an application:
- Get App Activity:
GET /api/v1/apps/{uuid}/activity(supportspageandlimitquery parameters for pagination)
Container Registry Credentials API
A workspace-scoped CRUD surface for managing registry credentials used by Dockerfile and container deployments:
- Create:
POST /workspaces/{workspace_id}/container_registry_credentials - Update:
PUT /workspaces/{workspace_id}/container_registry_credentials/{uuid} - Delete:
DELETE /workspaces/{workspace_id}/container_registry_credentials/{uuid}
Changed
- App Creation:
POST /api/v1/appsnow requires theresource_idparameter to identify the target Resource plan. The previousregion_idparameter has been removed because it was misleading on a fixed-capacity model. - App Domains Path: The path parameter on domain-scoped endpoints has been renamed from
uuidtodomain_uuidto disambiguate it from the parent app’suuid. This affects:GET /api/v1/apps/{uuid}/domains/{domain_uuid}PUT /api/v1/apps/{uuid}/domains/{domain_uuid}DELETE /api/v1/apps/{uuid}/domains/{domain_uuid}
- Replica Endpoints:
POST /api/v1/apps/{id}/addons/create_replicaandPOST /api/v1/services/{id}/create_replicanow return the fullAddonandServiceentities (previously returned a genericMessage). The response now includes the new replica’suuidandname. - Cron Job Delete:
DELETEon cron job endpoints now returns aMessagebody alongside the204status for consistency with other destroy endpoints. - Cron Job Entity: Renamed
statetostatus(running,stopped) and added two new required fields:last_job_name(name of the most recent run) andlast_job_status(e.g.running,complete,failed). Clients reading thestatefield should switch tostatus. - Region Entity: Now exposes a numeric
idfield in addition tonameandcode. Theidis required. - Container Image Overrides: App and addon deployment configs now accept
commandandargsarrays to override the image’sENTRYPOINTandCMD. Useful for images like Keycloak that print help on a bare run.
2026-03-27
Added
Buckets API (S3-Compatible Object Storage)
A complete set of endpoints for managing S3-compatible storage buckets:
- List Buckets:
GET /api/v1/buckets - Create Bucket:
POST /api/v1/buckets - Get Bucket:
GET /api/v1/buckets`/{uuid}` - Update Bucket:
PUT /api/v1/buckets`/{uuid}` - Delete Bucket:
DELETE /api/v1/buckets`/{uuid}` - Regenerate Credentials:
POST /api/v1/buckets`/{uuid}`/regenerate_credentials - Update Policy:
PUT /api/v1/buckets`/{uuid}`/update_policy - Update ACL:
PUT /api/v1/buckets`/{uuid}`/update_acl
Bucket Objects API
File and folder management within buckets:
- List Objects:
GET /api/v1/buckets`/{uuid}`/objects/list - Get Upload URL:
POST /api/v1/buckets`/{uuid}`/objects/upload_url - Get Download URL:
POST /api/v1/buckets`/{uuid}`/objects/download_url - Create Folder:
POST /api/v1/buckets`/{uuid}`/objects/create_folder - Rename Object:
PUT /api/v1/buckets`/{uuid}`/objects/rename - Delete Object:
DELETE /api/v1/buckets`/{uuid}`/objects/destroy
Database Replication API
New endpoints for managing PostgreSQL streaming replication on both app addons and standalone services:
- Create Replica:
POST /api/v1/apps`/{id}`/addons/create_replicaandPOST /api/v1/services`/{id}`/create_replica - Promote Replica:
POST /api/v1/apps`/{id}`/addons/promote_replicaandPOST /api/v1/services`/{id}`/promote_replica - Promote External:
POST /api/v1/apps`/{id}`/addons/promote_externalandPOST /api/v1/services`/{id}`/promote_external - Enable Streaming Replication:
POST /api/v1/services`/{id}`/enable_streaming_replication - Disable Streaming Replication:
POST /api/v1/services`/{id}`/disable_streaming_replication
Changed
- Deploy Endpoint: The
POST /api/v1/apps`/{uuid}`/deployendpoint now supports deploying from GitHub repositories withgithub_urlandgithub_branchparameters, in addition to the existingcommit_shasupport.
2026-02-05
Added
App Deployments API
A new set of endpoints for managing the application deployment lifecycle has been introduced:
- List Deployments:
GET /api/v1/apps`/{uuid}`/deployments - Get Deployment Details: “GET /api/v1/apps
/{uuid}/deployments/{id} - Get Build Logs:
GET /api/v1/apps`/{uuid}`/deployments`/{id}`/logs - Stream Build Logs:
GET /api/v1/apps`/{uuid}`/deployments`/{id}`/stream_logs - Cancel Deployment:
POST /api/v1/apps`/{uuid}`/deployments`/{id}`/cancel - Rollback Deployment:
POST /api/v1/apps`/{uuid}`/deployments`/{id}`/rollback
App Ports API
Full management of application network ports is now available:
- List Ports:
GET /api/v1/workspaces`/{ws}`/apps`/{app}`/ports - Create Port:
POST /api/v1/workspaces`/{ws}`/apps`/{app}`/ports - Delete Port: “DELETE /api/v1/workspaces
/{ws}/apps/{app}/ports/{id} - Expose Port Publicly:
PATCH /api/v1/workspaces`/{ws}`/apps`/{app}`/ports`/{id}`/expose_publicly - Make Port Private:
PATCH /api/v1/workspaces`/{ws}`/apps`/{app}`/ports`/{id}`/make_private
Add-on Password Rotation
The new
POST /api/v1/apps`/{uuid}`/addons`/{id}`/rotate_password endpoint allows for secure password rotation for supported add-ons, such as databases.Basic Authentication
The
PUT /api/v1/apps`/{uuid}`/security endpoint now supports basic_auth_enabled, basic_auth_username, and basic_auth_password parameters, allowing you to enable and configure Basic Authentication for your application.Changed
- Deployment Options: The
POST /api/v1/apps`/{uuid}`/deployendpoint now acceptscommit_shaandbranchparameters, enabling more precise deployments from Git repositories. - Builder Options: The
builderparameter inPOST /api/v1/appshas been expanded to supportauto(automatic buildpack detection) andcustom(language-specific builder) in addition todockerfile. - Resource Validation: The “PUT /api/v1/resources
/{uuid}endpoint now validates against plan downgrades to prevent assigning a plan with insufficient resources (CPU, RAM, storage). - Add-on Deletion Logic: The logic for deleting an add-on (“DELETE /api/v1/apps
/{uuid}/addons/{id}) has been refactored into a dedicated service object for improved maintainability.
Removed
- The
POST /api/v1/apps`/{uuid}`/sync_parent_imageendpoint has been removed.