Skip to main content
POST
/
instances
Create a VPN instance
curl --request POST \
  --url https://api.altostrat.io/instances \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "Primary Production VPN",
  "hostname": "prod-vpn-sjc",
  "region": "sjc"
}'
{
  "id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
  "name": "Primary Production VPN",
  "region": "sjc",
  "hostname": "my-vpn-gateway.vpn.altostr.at",
  "configured": true,
  "rsa_ready": true,
  "diffie_hellman_ready": true,
  "server_ready": true,
  "status": [
    "peer-created"
  ],
  "pushed_routes": [
    "10.0.0.0/8"
  ],
  "public_dns": [
    "9.9.9.9"
  ],
  "split_dns": [
    "192.168.1.1"
  ],
  "domains": [
    "internal.corp"
  ],
  "dns_custom": [
    {
      "name": "fileserver.internal.corp",
      "type": "A",
      "value": "192.168.1.10"
    }
  ],
  "firewall": [
    {
      "name": "Allow ICMP",
      "protocol": "icmp",
      "port": "1-65535",
      "source": "0.0.0.0/0",
      "destination": "0.0.0.0/0"
    }
  ],
  "created_at": "2025-10-29T12:30:31Z"
}

Authorizations

โ€‹
Authorization
string
header
required

Enter your bearer token in the format: Bearer {token}

Body

application/json
โ€‹
name
string
required

A human-readable name for the new instance.

Required string length: 3 - 20
Example:

"Primary Production VPN"

โ€‹
hostname
string
required

A unique hostname for the instance. This will be part of the FQDN. Must be a valid hostname segment (e.g., 'my-vpn-gateway').

Required string length: 3 - 20
Example:

"prod-vpn-sjc"

โ€‹
region
string
required

The identifier for the geographical region to deploy the instance. See the /servers/regions endpoint for available options.

Example:

"sjc"

Response

The VPN instance was created successfully.

โ€‹
id
string<uuid>

The unique identifier for the VPN instance.

Example:

"d290f1ee-6c54-4b01-90e6-d701748f0851"

โ€‹
name
string

A human-readable name for the instance.

Example:

"Primary Production VPN"

โ€‹
region
string

The geographical region where the instance is deployed.

Example:

"sjc"

โ€‹
hostname
string

The fully qualified domain name (FQDN) of the VPN instance.

Example:

"my-vpn-gateway.vpn.altostr.at"

โ€‹
configured
boolean

Indicates if the initial server setup has completed.

Example:

true

โ€‹
rsa_ready
boolean

Indicates if the RSA certificates have been generated.

Example:

true

โ€‹
diffie_hellman_ready
boolean

Indicates if the Diffie-Hellman parameters have been generated.

Example:

true

โ€‹
server_ready
boolean

A general indicator of the server's readiness.

Example:

true

โ€‹
status
string[]

An array of strings indicating any ongoing configuration changes. An empty array means the configuration is stable.

Example:
["peer-created"]
โ€‹
pushed_routes
string[]

A list of network routes (in CIDR notation) that will be pushed to connecting clients.

โ€‹
public_dns
string<ipv4>[]

A list of public DNS servers to be used by clients.

โ€‹
split_dns
string<ipv4>[]

A list of private DNS servers for specific domains (split-tunnel DNS).

โ€‹
domains
string[]

A list of domain names that should be resolved using the split_dns servers.

โ€‹
dns_custom
object[]

A list of custom DNS records to be served by the instance's DNS proxy.

โ€‹
firewall
object[]

A list of firewall rules applied to the instance.

โ€‹
created_at
string<date-time>

The timestamp when the instance was created.

Example:

"2025-10-29T12:30:31Z"