Skip to main content
Rigbox provides the infrastructure primitives - isolated VMs, app routing, AI proxy, and credit management - so you can build a hosting platform on top without managing servers. This guide walks through building a service like Clawd (an AI bot hosting platform) using the Rigbox REST API. By the end, you will have a working architecture for provisioning user workspaces, exposing apps, and managing AI credits.
This is an integration guide for building your own backend on top of Rigbox, so the examples are in Python, JavaScript, and cURL rather than the rig CLI. Python is the default tab. If you just want to drive Rigbox from your terminal, use the CLI instead.

Architecture Overview

Your platform sits between your users and the Rigbox API: Each user gets their own isolated micro-VM. Your backend orchestrates lifecycle, configuration, and monitoring through the Rigbox API. You handle user auth and billing; Rigbox handles VM isolation, networking, and AI proxy.
You handle user authentication and billing. Rigbox handles VM isolation, networking, and the AI proxy. This separation lets you focus on your product while Rigbox manages the infrastructure.

Setup

Every example uses the same base URL and bearer auth. Replace YOUR_API_KEY with an API key. The later snippets assume these are already defined.

Step 1: Provision a Workspace

When a user signs up on your platform, provision a workspace for them using the quick-deploy endpoint. This creates a workspace from a template with sensible defaults.
Store the returned workspace_id in your database, linked to the user. This is how you will manage their workspace going forward. The built-in templates are: For app-specific stacks — bots, dashboards, scrapers — provision a dev workspace and install an app recipe (@rigbox/<id>@builtin) on top.
Start with quick-deploy for the simplest provisioning flow. It creates the workspace, applies the template, and starts the VM in a single API call.

Step 2: Configure AI

AI configuration is split: a workspace’s mode (managed vs BYOK) is set per workspace at /workspaces/{id}/mode, while the default provider and model are account-level at /users/me/ai-defaults. Rigbox injects the provider key and meters usage against the account’s credit balance. Put the workspace in managed mode, then set the account default provider and model:

BYOK mode

Let users bring their own provider key. Put the workspace in BYOK mode, then supply the key as a workspace environment variable:
Provider keys set on the workspace are stored in the control plane and injected into the VM at runtime. They are never exposed to other users.
Your UI can offer a settings page where users choose between managed and BYOK, and (for managed) select the account’s preferred provider and model.

Step 3: Expose the App

Once the workspace is running, you need to create app routes so your users’ services are accessible from the internet.

Reconcile template apps

If the workspace was created from a template, reconcile to create the default app routes. This reads the template’s app definitions and creates a route for each one.

Create a custom app route

For custom services, create an app route manually:
Each app gets a unique subdomain, prefixed with the workspace name: {workspace}-{name}.rigbox.dev, with automatic HTTPS.

Step 4: Control Access

Set the visibility of each app based on your platform’s requirements with PUT /apps/{id}/visibility.

Make an app public

For user-facing apps that should be accessible by anyone:

Restrict to specific users

For team or internal apps, use privileged mode with an allowlist:

Step 5: Monitor Health

Check app health before showing a “live” status indicator in your UI, and read workspace metrics for resource dashboards.
The health endpoint returns a status you can map to a badge in your UI; the metrics endpoint returns CPU, memory, and disk usage for resource dashboards.

Step 6: Show Credits and Usage

Three endpoints give you everything you need for a usage dashboard:

Step 7: Lifecycle Management

Let users start, stop, and delete their workspace instances through your UI.
Workspace deletion is permanent and cannot be undone. Show a confirmation dialog in your UI before calling this endpoint.

Real-World Examples

How Clawd does it

Clawd is an AI bot hosting platform built on Rigbox. Here is what makes it unique:
  • Bot runtime: Runs the OpenClaw bot gateway (installed as an app recipe) for Telegram bot deployment
  • Billing: Integrates Stripe for credit pack sales (billing is handled outside the Rigbox API)
  • Dashboard: Shows real-time metrics and AI credit balance
  • AI config: Lets users pick their provider and model through a settings UI
See the full API integration at Clawd API Surface.

How Sandbox does it

Sandbox is a general-purpose coding environment built on Rigbox:
  • Template: Uses base and dev templates for coding workspaces
  • Terminal: Integrates terminal access via xterm.js WebSocket connections
  • Logs: Streams app logs in real time via SSE (Server-Sent Events)
  • Apps: Lets users create and manage multiple app routes per workspace
See the full API integration at Sandbox API Surface.
Start by building the workspace provisioning flow with quick-deploy. Once that works, layer on app management, AI config, and monitoring incrementally.

Next Steps