Skip to main content

Exposing a Port

Create a public HTTPS URL that proxies traffic to a port inside your sandbox: 
oc preview create sb-abc123 --port 3000
# → hostname: sb-abc123-p3000.workers.opencomputer.dev

Sharing a Dev Server

Start a server inside the sandbox, expose it, and share the URL: 
# Start a dev server in the background
oc exec sb-abc123 -- bash -c 'cd /app && npm run dev &'

# Expose port 3000
oc preview create sb-abc123 --port 3000

# Get the URL
oc preview list sb-abc123

Multiple Ports

Expose multiple services from the same sandbox: 
oc preview create sb-abc123 --port 3000  # Frontend
oc preview create sb-abc123 --port 8080  # API server

oc preview list sb-abc123
# PORT  HOSTNAME                                      SSL     CREATED
# 3000  sb-abc123-p3000.workers.opencomputer.dev      active  ...
# 8080  sb-abc123-p8080.workers.opencomputer.dev      active  ...

Custom Domains

Pass --domain to use your own domain. DNS must point to OpenComputer’s ingress, and the domain must be verified in the dashboard. SSL is provisioned automatically. 
oc preview create sb-abc123 --port 3000 --domain preview.myapp.com

Cleanup

oc preview delete sb-abc123 3000
Preview URLs persist across hibernation/wake cycles — no need to re-create them.

Bearer-Token Authentication

By default, anyone who knows the preview hostname can hit your sandbox’s port. To require an Authorization: Bearer <token> header on every request, opt in at create time: 
oc sandbox create --preview-auth
# Created sandbox sb-abc123 (status: running)
# Preview auth token (shown once): qx2sSi5IYXWBvnnRqwK9Ky_cIAI-x0Vx1bPCt0XMxsI
Then call your preview URL with the token: 
curl -H "Authorization: Bearer qx2sSi5IYX..." https://sb-abc123-p3000.workers.opencomputer.dev/
Bring your own token if your gateway already has a shared secret: 
oc sandbox create --preview-auth-token "$GATEWAY_TOKEN"
Rotate the token (old one stops working immediately): 
oc preview rotate-auth sb-abc123
# New preview auth token (shown once): <new token>
Token is shown exactly once and only its SHA-256 hash is stored. See Authentication for the SDK equivalents.
SDK usage: Preview URLs. Full flags: CLI Reference.