Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Meza-dev/Ghostly/llms.txt

Use this file to discover all available pages before exploring further.

The Ghostly API is a locally-hosted HTTP service that gives you programmatic access to every capability exposed by the Ghostly dashboard: starting and monitoring browser-automation runs, managing projects, generating AI-assisted test plans, handling user accounts, and configuring the LLM back-end. All communication uses standard JSON over HTTP, and the server starts automatically when you run ghostly up (or the bundled CLI).

Base URL & Versioning

The server binds to http://localhost:4000 by default. You can change the port with the --port flag or by setting API_PORT (or PORT) in your environment before launching the server. Every endpoint described in this reference lives under the /v1 path prefix:
http://localhost:4000/v1/<resource>
The single exception is the health-check endpoint (GET /health), which sits at the root and requires no authentication.
API_PORT takes precedence over PORT. If neither is set, the server falls back to port 3000 as the hard-coded default. The CLI (ghostly up) defaults to 4000, so make sure both sides use the same value when customising the port.

Authentication

Ghostly supports two authentication methods. Most routes accept either; a small number (API-key management, SSE event streams) are tied to one specific method.
Pass your API key in the X-Api-Key request header:
curl http://localhost:4000/v1/runs \
  -H "X-Api-Key: <your-api-key>"
API keys are opaque 64-character hex strings (32 random bytes). Generate one with:
  • CLIghostly keygen
  • Dashboard — Settings → API Keys → Create
API key auth is the right choice for the CLI, MCP server (@ghostly-io/cli), the @ghostly-io/client SDK, CI pipelines, and any automated script where storing a long-lived credential is acceptable.
Change JWT_SECRET and the default admin password (admin123) before exposing the API on any network interface reachable by other machines. The defaults are designed for local-only use only.

Content Type & Request Bodies

All request bodies must be JSON. Set the header on every mutating request:
Content-Type: application/json
Responses are always JSON, including errors.

Error Format

Every error response follows a consistent envelope:
{
  "ok": false,
  "error": "human-readable message",
  "details": {}
}
The details field is optional and only present when additional structured context is available. Successful responses always include "ok": true at the top level.

Endpoint Summary

MethodPathAuthDescription
POST/v1/auth/loginNoneExchange credentials for a JWT token
POST/v1/auth/registerJWT or API key (admin role)Create a new user account
GET/v1/auth/meJWT or API keyReturn the currently authenticated user
POST/v1/runAPI key or JWTStart a browser-automation run
GET/v1/runsAPI key or JWTList all runs (filterable by project)
GET/v1/runs/:idAPI key or JWTGet the full detail of a single run
POST/v1/runs/:id/cancelAPI key or JWTCancel a run that is currently executing
GET/v1/runs/:id/events/streamJWT (via ?token=)SSE stream of live run events
POST/v1/planAPI key or JWTGenerate an AI step plan from a natural-language goal
GET/v1/projectsAPI key or JWTList all projects
POST/v1/projectsAPI key or JWTCreate a new project
DELETE/v1/projects/:idAPI key or JWTDelete a project
GET/v1/api-keysJWTList API keys for the current user
POST/v1/api-keysJWTCreate a new API key
DELETE/v1/api-keys/:idJWTDelete an API key
GET/v1/settings/llmJWTGet the current LLM configuration
PUT/v1/settings/llmJWTUpdate LLM provider and model settings
POST/v1/settings/llm/testJWTTest the current LLM connection
GET/v1/settings/llm/providersJWTList available LLM providers
GET/v1/settings/llm/modelsJWTList models for a given provider
GET/v1/pingJWT or API keyLLM configuration state and server status
GET/healthNoneServer health check

Quick Examples

# List projects
curl http://localhost:4000/v1/projects \
  -H "X-Api-Key: <your-api-key>"

# Start a run
curl -X POST http://localhost:4000/v1/run \
  -H "X-Api-Key: <your-api-key>" \
  -H "Content-Type: application/json" \
  -d '{
    "baseUrl": "https://example.com",
    "project": "my-project",
    "steps": [
      { "action": "goto", "url": "https://example.com" },
      { "action": "snapshot" }
    ]
  }'

Explore the API

Authentication

Login, register users, and manage API keys. Full endpoint reference with request/response shapes.

Start a Run

Fire off a browser-automation run from a step list or an AI-generated plan.

Projects

Organise runs into projects, create new ones, and clean up old entries.

LLM Settings

Configure the AI provider and model Ghostly uses to generate and heal test plans.

Build docs developers (and LLMs) love