TunnelSats Public Wireguard API
  1. Cookbook
TunnelSats Public Wireguard API
  • About our team
  • 📢 Public
    • List Servers
      GET
    • Create Subscription
      POST
    • Check Status / Heal
      GET
    • Claim Subscription
      POST
    • Renew Subscription
      POST
    • Get Subscription Status
      POST
  • 🔐 Authenticated
    • List My Subscriptions
      GET
    • Sync Subscription
      POST
    • Create Referral Code
      POST
    • Referral History
      GET
  • Announcements
    • 💫 What is TunnelSats?
    • 🚀 Introducing the TunnelSats Public API v1
  • Cookbook
    • 🛠️ Automation & Code Examples
    • 🐚 Bash One-Liners
    • 🛑 Error Codes & Troubleshooting
    • 🎁 Referral Program: Earn Bonus Months
  • Schemas
    • Server
    • InvoiceOrder
    • SubscriptionStatus
    • WireGuardConfig
    • ReferralCode
    • ReferralHistory
    • NodeLookup
    • ConnectivityResult
  1. Cookbook

🛑 Error Codes & Troubleshooting

TunnelSats uses standard HTTP response codes. Since our API involves real-world Lightning transactions, understanding these codes is the difference between a smooth automation and a broken one.

📊 Common Status Codes#

CodeMeaningCommon Cause in TunnelSatsMitigation
400Bad RequestInvalid serverId or missing paymentHash.Check your request body JSON syntax.
401UnauthorizedMissing or invalid apiKey.Ensure your Bearer token is valid in the Header.
402Payment RequiredSubscription exists but hasn't been paid yet.Poll the status until it returns paid.
404Not FoundNo subscription found for that paymentHash.Ensure you are using the correct hash from the /create call.
429Too Many RequestsYou've hit the rate limit.Slow down your polling! (Max 1 request every 5s).
503Service UnavailableBackend node is syncing or Tunnel-Bot is down.Wait 30 seconds and try again.

🔍 Specific Scenarios#

Invoice Expiration
Rate Limiting (429)
Cloudflare 403
402 vs. 404
If a user waits too long to pay, the invoice will expire.
Scenario: You poll and keep getting pending.
Action: If the expiresAt timestamp has passed, discard the current paymentHash and call /create again.

📝 Node Integration Checklist#

For developers building integrations for Umbrel, Start9, or RaspiBlitz, follow this checklist to ensure a seamless user experience.

1. The Provisioning Flow#

Server Selection: Use GET /servers to allow users to pick the region closest to them for lower latency.
In-App Payment: Display the BOLT11 invoice clearly. If the node OS has a built-in wallet, provide a "Pay Now" button that calls the local wallet API.
Polling UI: Provide a visual spinner or progress bar while polling GET /subscription/{paymentHash}.

2. Configuration Management#

WireGuard Claim: Always offer a way to "Claim" the config again if the initial download fails.
File Persistence: Store the generated .conf file in a persistent directory that survives OS updates.
Custom Keys
We recommend generating keys on our server (leaving wgPublicKey empty) for the easiest setup. However, for maximum privacy, allow advanced users to provide their own wgPublicKey.
Modified at 2026-02-15 19:24:35
Previous
🐚 Bash One-Liners
Next
🎁 Referral Program: Earn Bonus Months
Built with