Quick Links

/docs/cli-flags/docs/troubleshooting/docs/webhooks/solutions/docs/referrals

Answer-first summary

InstaTunnel docs wa doko kara hajimeru no ga yoi desu ka?

Kono junban ga suisho desu: CLI install -> auth -> first tunnel, sono ato use case ni awasete MCP/webhooks/referrals. Nichijou unyou wa CLI Flags to Troubleshooting o tsukatte kudasai.

Last reviewed: March 5, 2026
Compatibility: Core docs wa CLI v1 default to streaming client no tame no MCP --transport v2 ni taiou shiteimasu.

Quick command

instatunnel auth login -e you@example.com && instatunnel 3000 --subdomain docs-demo

Common failures and quick fixes

  • Auth not persisted-instatunnel auth set-key it_your_api_key de key o local ni hozon shite kudasai.
  • Webhook 401 signature errors-Production test mae ni /docs/webhooks no provider betsu secret verification guide o shiyou shite kudasai.

Evidence and trust

Compatibility, reliability, security posture no kakunin ni tsukatte kudasai.

Release cadence

CLI to docs no release notes wa tsune ni update sare, version goto no compatibility note ga arimasu.

View release notes

Security controls

Security whitepaper de policy enforcement, auth layer, operational safeguards o kakunin dekimasu.

Open security whitepaper

Documentation

Authentication

Authenticate and manage API access with comprehensive authentication endpoints for secure tunnel management.

🔑 API Authentication

API Key Authentication

# All API requests require authentication
Authorization: Bearer YOUR_API_KEY
# Example API request
curl -H "Authorization: Bearer it_1234567890abcdef" \
  https://api.instatunnel.my/v1/tunnels

API Key Format: All InstaTunnel API keys start with it_ followed by 16 characters.

Get API Key

# Login via CLI to get API key
$ instatunnel login
📧 Email: user@example.com
🔒 Password: ********
✅ Login successful
🔑 API Key: it_1234567890abcdef
# View current API key
$ instatunnel auth status
Current API Key: it_***...def
Status: Valid
Expires: Never

👤 User Management

GET /auth/user

Get current user information.

# Get user info
curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.instatunnel.my/v1/auth/user
// Response
{
  "id": "user_456",
  "email": "user@example.com",
  "name": "John Doe",
  "plan": "pro",
  "created_at": "2024-01-15T10:30:00Z",
  "usage": {
    "tunnels_created": 156,
    "data_transferred": "2.4 GB",
    "requests_served": 12487
  }
}

POST /auth/login

Authenticate with email and password to get API key.

# Login with credentials
curl -X POST \
  -H "Content-Type: application/json" \
  -d '{"email":"user@example.com","password":"mypassword"}' \
  https://api.instatunnel.my/v1/auth/login
// Response
{
  "api_key": "it_1234567890abcdef",
  "user": {
    "id": "user_456",
    "email": "user@example.com",
    "name": "John Doe"
  }
}

POST /auth/logout

Invalidate current API key.

# Logout and invalidate API key
curl -X POST \
  -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.instatunnel.my/v1/auth/logout

🔐 API Key Management

GET /auth/keys

List all API keys for your account.

# List API keys
curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.instatunnel.my/v1/auth/keys
// Response
{
  "keys": [
    {
      "id": "key_123",
      "name": "Production Key",
      "key": "it_***...def",
      "created_at": "2024-01-15T10:30:00Z",
      "last_used": "2024-07-02T14:30:00Z",
      "permissions": ["tunnels:read", "tunnels:write"]
    }
  ]
}

POST /auth/keys

Create a new API key with specific permissions.

# Create new API key
curl -X POST \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name":"CI/CD Key","permissions":["tunnels:read"]}' \
  https://api.instatunnel.my/v1/auth/keys
// Available permissions
[
  "tunnels:read", // View tunnels
  "tunnels:write", // Create/modify tunnels
  "tunnels:delete", // Delete tunnels
  "analytics:read", // View analytics
  "admin:read", // Admin read access
  "admin:write" // Admin write access
]

DELETE /auth/keys/:id

Revoke an API key.

# Revoke API key
curl -X DELETE \
  -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.instatunnel.my/v1/auth/keys/key_123

🛡️ OAuth Integration

OAuth Flow

1. Authorization URL
# Redirect user to authorization URL
https://api.instatunnel.my/v1/oauth/authorize?
  client_id=YOUR_CLIENT_ID&
  redirect_uri=https://yourapp.com/callback&
  scope=tunnels:read,tunnels:write&
  state=random_state_string
2. Exchange Code for Token
# Exchange authorization code for access token
curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "client_id":"YOUR_CLIENT_ID",
    "client_secret":"YOUR_CLIENT_SECRET",
    "code":"AUTH_CODE",
    "grant_type":"authorization_code"
  }' \
  https://api.instatunnel.my/v1/oauth/token

Token Refresh

# Refresh access token
curl -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "client_id":"YOUR_CLIENT_ID",
    "client_secret":"YOUR_CLIENT_SECRET",
    "refresh_token":"REFRESH_TOKEN",
    "grant_type":"refresh_token"
  }' \
  https://api.instatunnel.my/v1/oauth/token

⚙️ Permission Scopes

Available Scopes

Tunnel Management
  • tunnels:read - View tunnel information
  • tunnels:write - Create and modify tunnels
  • tunnels:delete - Delete tunnels
  • tunnels:stats - Access tunnel statistics
Analytics & Monitoring
  • analytics:read - View analytics data
  • logs:read - Access request logs
  • alerts:read - View alerts configuration
  • alerts:write - Configure alerts
Account Management
  • account:read - View account information
  • account:write - Modify account settings
  • billing:read - View billing information
  • keys:manage - Manage API keys
Administration
  • admin:read - Admin read access
  • admin:write - Admin write access
  • users:manage - Manage team users
  • org:manage - Organization management

🔍 Authentication Debugging

Common Error Responses

401 Unauthorized
{
  "error": "unauthorized",
  "message": "Invalid or missing API key",
  "code": 4001
}
403 Forbidden
{
  "error": "forbidden",
  "message": "Insufficient permissions for this operation",
  "required_scope": "tunnels:write",
  "code": 4003
}
429 Rate Limited
{
  "error": "rate_limited",
  "message": "API rate limit exceeded",
  "retry_after": 60,
  "code": 4029
}

Authentication Testing

# Test API key validity
$ instatunnel auth test
✅ API key is valid
👤 User: john@example.com
📋 Plan: Pro
🔑 Permissions: tunnels:*, analytics:read
# Test specific permission
$ instatunnel auth test --scope tunnels:write
✅ Permission 'tunnels:write' granted

🔐 Security Warning: Never expose API keys in client-side code or public repositories. Use environment variables and secure key management practices. Rotate keys regularly and use minimal permissions for each key.

Need a quick path?

Plan o mite, hitsuyo na toki ni guided start o tsukatte kudasai.

Pro/Business no MCP endpoint de wa tsugi o tsukatte kudasai: instatunnel 8787 --mcp.

View PricingWebhook GuidesUse Cases HubGet Started Guide
Docs | InstaTunnel