Every Zo account comes with zo.space — a personal website with full React pages and API routes. The API routes are Hono endpoints that go live the moment your Zo creates them. No hosting, no deploy step, no server configuration. You describe what you want the endpoint to do, and it's running at a public URL within minutes.
This makes Zo one of the fastest ways to go from "I need an API" to "here's the URL." No Vercel setup, no AWS Lambda cold starts, no Docker containers. Just a conversation.
Your first endpoint
Create an API endpoint at /api/hello that returns a JSON greeting with the current time
Your Zo writes the route, deploys it, and gives you the URL:
https://yourhandle.zo.space/api/helloTest it:
curl https://yourhandle.zo.space/api/helloYou get back something like:
{ "message": "Hello!", "time": "2026-03-09T14:30:00Z" }That's a live API endpoint. It's public, it's fast, and it's yours.
Webhook receivers
One of the most practical uses for zo.space API routes is receiving webhooks from external services. Webhooks are how services like Stripe, GitHub, Shopify, and Slack notify you when something happens. They send a POST request to a URL you provide — and that URL needs to be publicly accessible, always on, and ready to handle the payload.
Your Zo handles all of that.
Stripe webhook handler:
Create an API endpoint at /api/stripe-webhook that receives POST requests from Stripe. Verify the webhook signature using a STRIPE_WEBHOOK_SECRET environment variable. For successful payment events, log the amount, customer email, and timestamp to /home/workspace/Data/payments.jsonl. Return a 200 for all other event types.
Your Zo creates the endpoint, sets up signature verification, and handles the payload parsing. Save your Stripe webhook secret in Settings > Advanced, then register the URL in your Stripe dashboard.
GitHub webhook handler:
Create an API endpoint at /api/github-webhook that receives GitHub webhook events. Verify the signature using GITHUB_WEBHOOK_SECRET. For "issues" events with action "opened", save the issue title, number, labels, and body to /home/workspace/Data/github-issues/. For "push" events to the main branch, log the commit messages.
This pairs well with scheduled agents. Set up a webhook that saves incoming data, then an agent that processes it periodically:
Create a daily agent at 9am. Check /home/workspace/Data/github-issues/ for new issues from the last 24 hours. Classify each one (bug, feature, question) and email me a triage summary.
Data APIs
Build endpoints that serve data from your workspace files, databases, or external sources.
Status API — share your availability:
Create an API endpoint at /api/status that checks my Google Calendar and returns JSON with my current status ("in a meeting", "free", "focused") and when I'm next available. Cache the result for 5 minutes.
Other tools and services can hit this endpoint to check your availability programmatically. Your portfolio page can read from it to show a live "available / busy" indicator.
Data endpoint from workspace files:
Create an API endpoint at /api/quotes that reads from /home/workspace/Data/quotes.json and returns a random quote as JSON. Add a category query parameter to filter by topic.
Aggregated data endpoint:
Create an API endpoint at /api/project-stats that reads my Linear issues, counts them by status (open, in progress, done), and returns the counts as JSON. Cache for 15 minutes.
Authentication
Public endpoints are fine for webhooks and read-only data. For anything sensitive, add authentication:
Bearer token auth:
Add bearer token authentication to my /api/project-stats endpoint. Use an API_SECRET environment variable. Return 401 for missing or invalid tokens.
Save the secret in Settings > Advanced. Now requests need an Authorization: Bearer <token> header.
API key in query parameter:
Add API key authentication to /api/quotes using a query parameter. Check against MY_API_KEY from environment variables. Return a 403 with an error message for invalid keys.
For more complex auth (OAuth, JWT), describe what you need and your Zo implements the pattern. It has access to the full Node.js ecosystem on your server.
Rate limiting
If your endpoint is public, protect it from abuse:
Add rate limiting to my /api/quotes endpoint. Allow 60 requests per minute per IP address. Return a 429 with a "retry-after" header when the limit is exceeded.
Connecting endpoints to your Zo's tools
Your API routes run on the same machine as your Zo. They can read workspace files, access environment variables, and call external services. This means your endpoints aren't limited to static responses — they can do real work.
Form handler that sends you a notification:
Create an API endpoint at /api/contact that accepts POST requests with name, email, and message fields. Validate the inputs, save the submission to /home/workspace/Data/contact-submissions.jsonl, and send me an SMS notification with the sender's name and message.
Put this behind a contact form on your portfolio page and every form submission triggers a text to your phone.
Endpoint that triggers an automation:
Create an API endpoint at /api/trigger-report that accepts POST requests with a bearer token. When called, read the latest data from /home/workspace/Data/metrics.jsonl, generate a summary, and email it to me.
Now you can trigger your weekly report from a button, a cron job on another service, or a Slack slash command.
Iterating on your APIs
Your Zo can modify endpoints after they're deployed. Changes go live immediately:
"Add a category parameter to my /api/quotes endpoint""Change the rate limit to 100 requests per minute""Add CORS headers so my frontend can call this endpoint""Log all requests to /home/workspace/Data/api-access.log""Add error handling — return a 500 with a message if the data file is missing"
Each change updates the live endpoint. No redeploy, no downtime.
When to use zo.space APIs vs self-hosted tools
zo.space API routes are best for:
- Personal endpoints and side projects
- Webhook receivers for services you use
- Quick prototypes that need a public URL
- Backends for your zo.space pages
For more complex automation workflows with visual editors and hundreds of pre-built integrations, consider self-hosting n8n on your Zo. n8n is better suited for multi-step workflows that chain several services together. zo.space API routes are better for custom endpoints that need specific logic.
Getting started
Build something you'll actually use:
Create an API endpoint at /api/health that returns my server uptime and the current timestamp as JSON
Then try a webhook receiver, a data endpoint, or a form handler. Every endpoint you build is one less external service you depend on.
More from the blog
Build Your Personal Corner of the Internet
Build and deploy a personal website on Zo Computer in minutes. No hosting, no deploys, no config. Just describe what you want and it's live.
How to Build a Portfolio Website with AI
Build a portfolio website on Zo in 5 minutes. No templates, no drag-and-drop. Describe what you want and it's live at yourname.zo.space.
How to Self-Host n8n
Self-host n8n free on Zo Computer—no Docker required. n8n Cloud costs $24/mo, self-hosting costs $0. Get a public URL and webhooks working in 5 minutes.
How to Build Custom Integrations on Zo
Build any custom integration on Zo with built-in apps, conversation-driven custom builds, and Skills. No code required.
How to Connect Your IDE to a Remote Server
Set up SSH access to your Zo Computer and connect VS Code, Cursor, or any IDE for remote development. Code on a powerful server from anywhere.
How to Automate Anything with Zo Agents
Set up AI agents on Zo that run on a schedule. Morning briefings, inbox summaries, price monitors, competitor tracking, and weekly reports, all on autopilot.