← Back to Home

ZooBC Gateway API

Version 0.3.0 | Base URL: https://socialconnect.network

Proxy Endpoints

Access ZooBC nodes through the gateway using specially formatted hostnames.

GET POST https://ip-{A}-{B}-{C}-{D}[-p{PORT}].socialconnect.network/api/v1/*

Proxy requests to a ZooBC node. The target IP is encoded in the subdomain. Port is optional and defaults to 8080.

Hostname Format

ip-A-B-C-D required IP address with dots replaced by dashes

-pPORT optional Target port (default: 8080)

Example: Access node at 192.168.1.100:8080

curl https://ip-192-168-1-100-p8080.socialconnect.network/api/v1/node/info

Gateway Status

GET /gateway/status No Auth

Get gateway health status, metrics, and node discovery info.

Response

{ "gateway": { "name": "zoobc-gateway", "version": "0.3.0" }, "status": { "healthy": true, "uptime_seconds": 3600 }, "network": { "nodes_discovered": 42, "bootstrap_nodes": 3 }, "metrics": { "requests_total": 1000, "avg_latency_ms": 45 } }

Allowlist Management

Admin endpoints require authentication via Authorization: Bearer {API_KEY} or X-API-Key: {API_KEY} header.

GET /gateway/allowlist Requires Auth

List all nodes in the allowlist with their status and TTL.

POST /gateway/allowlist/add Requires Auth

Add a node to the allowlist.

Request Body (JSON)

ip string IP address of the node (required)

port number Port number (optional, 0 = all allowed ports)

permanent boolean If true, node won't expire (default: true)

Example

curl -X POST https://socialconnect.network/gateway/allowlist/add \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{"ip": "192.168.1.100", "port": 8080, "permanent": true}'

POST /gateway/allowlist/remove Requires Auth

Remove a node from the allowlist.

Request Body (JSON)

ip string IP address of the node (required)

port number Port number (optional, 0 = all ports)

POST /gateway/allowlist/refresh Requires Auth

Trigger immediate allowlist refresh from bootstrap nodes.

CORS Support

All endpoints support CORS for browser-based applications.

OPTIONS /* No Auth

CORS preflight requests are handled automatically.

Response Headers

Access-Control-Allow-Origin *

Access-Control-Allow-Methods GET, POST, OPTIONS

Access-Control-Allow-Headers Content-Type