Skip to main content
POST
/
v1
/
sandboxes
/
{id}
/
ports
/
{port}
/
preview-proxy-target
import requests url = "https://api.13-215-85-171.sslip.io/v1/sandboxes/{id}/ports/{port}/preview-proxy-target" payload = { "expires_in_seconds": 900, "transports": ["http", "websocket"], "token_transport": "header", "include_traffic_token_hint": True } headers = { "Authorization": "Bearer <token>", "Content-Type": "application/json" } response = requests.post(url, json=payload, headers=headers) print(response.text)
{ "grant": { "id": "<string>", "sandbox_id": "<string>", "port": 123, "token_kinds": [], "principal_kind": "user", "issued_at": "2023-11-07T05:31:56Z", "expires_at": "2023-11-07T05:31:56Z", "use_count": 123, "http_request_count": 123, "websocket_connection_count": 123, "bytes_in_count": 123, "bytes_out_count": 123, "created_at": "2023-11-07T05:31:56Z", "updated_at": "2023-11-07T05:31:56Z", "principal_id": "<string>", "revoked_at": "2023-11-07T05:31:56Z", "first_used_at": "2023-11-07T05:31:56Z", "last_used_at": "2023-11-07T05:31:56Z", "last_error_code": "<string>", "last_error_at": "2023-11-07T05:31:56Z", "disabled_at": "2023-11-07T05:31:56Z" }, "sandbox_id": "<string>", "port": 123, "token_header_name": "x-nullspace-preview-proxy-token", "expires_at": "2023-11-07T05:31:56Z", "token_transport": "header", "required_forwarded_headers": [], "warnings": [ "<string>" ], "http_url": "https://3000-s-public.nullspace.dev/?__ns_preview_transport=header", "websocket_url": "wss://3000-s-public.nullspace.dev/?__ns_preview_transport=header", "http_token": "<string>", "websocket_token": "<string>", "traffic_access_required": true, "traffic_access_header_name": "x-nullspace-traffic-access-token" }

Authorizations

Authorization
string
header
required

API key passed as Bearer token

Path Parameters

id
string
required

Sandbox ID (e.g. sb_a1b2c3d4)

port
integer<uint16>
required

Sandbox guest port to expose through browser preview. Reserved generic-preview ports are rejected: 22 is SSH-specific and 5900-5999 are desktop/VNC-specific.

Required range: 1 <= x <= 65535

Body

application/json
expires_in_seconds
integer<uint64>

Requested proxy grant lifetime. Defaults to the deployment edge token TTL, clamped between 60 seconds and 24 hours.

Required range: 60 <= x <= 86400
transports
enum<string>[]

Proxy upstream transports to authorize.

Minimum array length: 1
Available options:
http,
websocket
token_transport
enum<string>
default:header

Token transport used by the customer proxy when forwarding to Nullspace edge.

Available options:
header
include_traffic_token_hint
boolean
default:true

When true, include whether private traffic access is required and the header name to use.

Response

Preview proxy target metadata and header token values

grant
object
required
sandbox_id
string
required
port
integer<uint16>
required
token_header_name
enum<string>
required
Available options:
x-nullspace-preview-proxy-token
expires_at
string<date-time>
required
token_transport
enum<string>
required
Available options:
header
required_forwarded_headers
enum<string>[]
required

Headers customer proxies should preserve or set when forwarding browser requests.

Available options:
x-forwarded-host,
x-forwarded-proto,
x-forwarded-for
warnings
string[]
required
http_url
string<uri> | null

HTTP upstream target with __ns_preview_transport=header and no bearer token in the URL.

Example:

"https://3000-s-public.nullspace.dev/?__ns_preview_transport=header"

websocket_url
string | null

WebSocket upstream target with __ns_preview_transport=header and no bearer token in the URL.

Example:

"wss://3000-s-public.nullspace.dev/?__ns_preview_transport=header"

http_token
string | null

Header token scoped to HTTP proxy traffic. Send as x-nullspace-preview-proxy-token.

websocket_token
string | null

Header token scoped to WebSocket proxy traffic. Send as x-nullspace-preview-proxy-token.

traffic_access_required
boolean | null

Whether this sandbox also requires the private traffic access header.

traffic_access_header_name
enum<string> | null

Header name for private traffic access when required. The secret value is not returned here.

Available options:
x-nullspace-traffic-access-token