osmRouterosmRouter

Custom domains

Serve tunnels on a hostname you own. Verify with a DNS TXT record, then bind tunnels to it.

By default tunnels resolve under *.osmrouter.com. Add a domain you own and your tunnels can serve on your hostname instead — api.yourcompany.com rather than a shared third-party domain.

Add and verify a domain

Add the hostname

Under Dashboard → Domains, add the host you want to serve from (for example example.com or api.example.com). osmRouter shows a DNS TXT record to prove you control it.

Publish the TXT record

At your DNS provider, add the exact record — name _osmrouter.<your-host>, value osm-verify-.... Confirm it has propagated:

dig +short TXT _osmrouter.example.com
# expect: "osm-verify-..."

Click Verify

Once the record is visible from public DNS, click Verify. Verification fails until the record resolves, so wait for propagation before retrying.

Point the host at the edge

After verification, point the host itself (CNAME or A record) at the edge so tunnels can bind it. A certificate is issued automatically on first request.

Bind a tunnel to your domain

Set OSM_DOMAIN (and optionally OSM_SUBDOMAIN) to route a tunnel through the verified host:

OSM_DOMAIN=example.com OSM_SUBDOMAIN=api osmrouter http 8080
# -> https://api.example.com

OSM_DOMAIN must be a domain you've added and verified under Domains first. Until then, tunnels can only bind under osmrouter.com.

Common mistakes

  • Doubled zone suffix. If your provider appends the zone automatically, don't include it in the record name — a value like _osmrouter.example.com.example.com is the most common error.
  • Whitespace or truncation. Paste the value verbatim. Some DNS UIs add quotes around TXT values; that's fine, but extra whitespace or a cut-off value is not.
  • Verifying too early. DNS propagation can take a minute to a few hours depending on your provider's TTL. Wait for dig to return the value rather than re-adding the domain.

Drive it over the API

You can read the pending record and trigger a re-check programmatically:

# read pending record(s)
curl https://api.osmrouter.com/v1/domains \
  -H "Authorization: Bearer $OSM_TOKEN"

# trigger a re-check
curl -X POST https://api.osmrouter.com/v1/domains/<id>/verify \
  -H "Authorization: Bearer $OSM_TOKEN"

Free includes 2 custom domains, Pro includes 25 — see Plans.

Streaming & WebSockets

WebSockets, Server-Sent Events, and long-lived streaming bodies pass through end to end with no timeout.

Auth tokens

Agent tokens authenticate the CLI and SDK to your account. Create, use, rotate, and revoke them.

On this page

Add and verify a domain
Add the hostname
Publish the TXT record
Click Verify
Point the host at the edge
Bind a tunnel to your domain
Common mistakes
Drive it over the API