Backend 2,183 installs

expo-api-routes

by expo/skills

Guidelines for creating API routes in Expo Router with EAS Hosting

Skill content

API routes in Expo Router for server-side logic, secrets, and third-party integrations on EAS Hosting.

- Create routes with +api.ts suffix in the app directory; export named functions for HTTP methods (GET, POST, PUT, DELETE)

- Handle query parameters, headers, JSON bodies, and dynamic route segments; add CORS headers for web clients

- Access server-side secrets via process.env; set variables locally in .env or via eas env:create for production

- Deploy to EAS Hosting (Cloudflare Workers) with eas deploy; use cloud databases (Turso, Supabase, PlanetScale) since filesystem and Node.js modules are unavailable

- Test locally with npx expo serve and curl; call routes from client with standard fetch to relative paths like /api/hello

When to Use API Routes

Use API routes when you need:

- Server-side secrets - API keys, database credentials, or tokens that must never reach the client

- Database operations - Direct database queries that shouldn't be exposed

- Third-party API proxies - Hide API keys when calling external services (OpenAI, Stripe, etc.)

- Server-side validation - Validate data before database writes

- Webhook endpoints - Receive callbacks from services like Stripe or GitHub

- Rate limiting - Control access at the server level

- Heavy computation - Offload processing that would be slow on mobile

When NOT to Use API Routes

Avoid API routes when: