API for managing VPS servers, domains, hosting services, DNS, and billing.
Include API keys in the Authorization: Bearer <token> header. Dashboard sessions may also authenticate with the hostup_session cookie.
Create and manage API keys at cloud.hostup.se/api-management. You can define scopes for each key to limit permissions — for example, restrict a DNS key to only manage specific record types or zones.
For detailed setup instructions, see the API Authentication Guide.
250 requests per minute per API key. When you exceed the limit, you'll receive a 429 Too Many Requests response.
| Header | Description |
|---|---|
| X-RateLimit-Limit | Max requests allowed |
| X-RateLimit-Remaining | Requests remaining in current window |
| X-RateLimit-Reset | ISO timestamp when limit resets |
| Retry-After | Seconds until retry (on 429 only) |
Every non-2xx v2 response is an RFC 7807 Problem Details document with a stable code field for client branching:
{
"type": "https://developer.hostup.se/errors/invalid_request",
"title": "Invalid request",
"status": 400,
"detail": "The request body failed validation.",
"code": "invalid_request"
} Our customer portal at cloud.hostup.se uses the exact same API that you have access to as a developer. Open your browser's DevTools (F12), go to the Network tab, and perform any action in the portal to see the API calls being made. This is a great way to discover endpoints and understand request/response formats.
Each endpoint page has a "Copy for LLM" button that copies a structured prompt with all the endpoint details. Paste it into ChatGPT, Claude, or your preferred AI assistant to quickly generate integration code, understand the endpoint, or troubleshoot issues.
Domain registration, transfers, nameservers, DNS, redirects, CDN, and forwarding
/api/v2/dns-zones GET /api/v2/dns-zones/{id} GET /api/v2/dns-zones/{id}/records POST /api/v2/dns-zones/{id}/records PUT /api/v2/dns-zones/{id}/records/{recordId} PATCH /api/v2/dns-zones/{id}/records/{recordId} DELETE /api/v2/dns-zones/{id}/records/{recordId} GET /api/v2/domains CDN zones, edge proxy rules, security settings, and cache behavior
Hosting accounts, cPanel, files, databases, email, and WordPress operations
/api/v2/shared-hosting GET /api/v2/shared-hosting/{accountId} PATCH /api/v2/shared-hosting/{accountId} GET /api/v2/shared-hosting/{accountId}/account-details GET /api/v2/shared-hosting/{accountId}/account-stats GET /api/v2/shared-hosting/{accountId}/actions/billing-cycle POST /api/v2/shared-hosting/{accountId}/actions/billing-cycle POST /api/v2/shared-hosting/{accountId}/actions/cancel Fixed-cycle VPS instances, actions, backups, snapshots, console, networking, and maintenance
Pay-as-you-go Cloud VPS deployment, quotas, private networks, and block volumes
Invoices, payments, credits, pricing, and order creation
/api/v2/billing/activity GET /api/v2/billing/cards POST /api/v2/billing/cards DELETE /api/v2/billing/cards/{id} POST /api/v2/billing/credit/actions/add-funds GET /api/v2/billing/invoices GET /api/v2/billing/invoices/{id} POST /api/v2/billing/invoices/{id}/actions/apply-credit Profiles, delegated access, contacts, sessions, and account preferences
Support tickets, availability, feedback, and attachments
/api/v2/feedback POST /api/v2/support/attachments GET /api/v2/support/attachments/{id} GET /api/v2/support/departments GET /api/v2/support/tickets POST /api/v2/support/tickets GET /api/v2/support/tickets/{id} POST /api/v2/support/tickets/{id}/actions/close