API Reference

REST API

Programmatic access to websites, pages, media, and templates.

Authentication

All API requests require a CSRF token passed as the X-CSRFToken header. Session authentication is used — you must be logged in.

fetch('/api/endpoint/', { method: 'POST', credentials: 'same-origin', headers: { 'Content-Type': 'application/json', 'X-CSRFToken': csrfToken(), }, body: JSON.stringify({ ... }), })

Endpoints

GET /dashboard/ List all websites

Returns all websites owned by the authenticated user with page counts and publish status.

Response: HTML page with site data Context: websites, total_sites, published_sites, total_pages
POST /pages/{id}/save/ Save page content

Saves the GrapesJS editor state (components + styles + HTML/CSS) for a page.

Body: { "gjs_data": { "components": ..., "styles": ... }, "html": "<section>...</section>", "css": ".class { ... }" } Response: { "status": "ok" }
POST /websites/{id}/media/upload/ Upload media file

Upload an image, video, or document to the site's media library.

Content-Type: multipart/form-data Field: "file" (required) Response: { "status": "ok", "url": "/media/...", "name": "photo.jpg" }
POST /websites/{id}/publish/ Toggle publish status

Toggles the website between published (live) and unpublished (draft) states.

Response: { "is_published": true, "message": "Published!" }
POST /ai-builder/generate/ Generate site with AI

Generate a complete website from a text prompt. Creates a Website + Page and returns the editor URL.

Body: { "prompt": "A fitness studio website...", "name": "FitLife" } Response: { "ok": true, "redirect": "/pages/{id}/editor/" }
POST /websites/{id}/delete/ Delete website

Permanently deletes a website and all its pages, media, and settings. Cannot be undone.

Response: redirect to /dashboard/
GET /websites/{id}/export/?format=zip Export site code

Export all pages as downloadable code. Formats: bundle (single HTML), separate (HTML + CSS), zip (all pages). Paid plans only.

Rate Limits

Free / Starter
100
requests per minute
Pro / Enterprise
1,000
requests per minute

We use cookies

We use essential cookies to keep things running and optional cookies to improve your experience. Read our Cookie Policy for details.

Essential Cookies
Login, security, CSRF protection. Required for the site to work.
Always on
Functional Cookies
Remember your username, dark mode, and preferences.
Analytics Cookies
Help us understand how you use the site. Google Analytics.