How do I access the VeloCMS API?

VeloCMS's API is built on PocketBase, which exposes a fully documented REST API at your tenant's PocketBase URL. To access it, generate an API token from Admin → Settings → Developer → API Tokens, include the token as a Bearer header in your requests, and you can read and write posts, members, media, and site settings programmatically.

Where is the API documentation?

PocketBase's API follows REST conventions and is documented at pocketbase.io/docs — the collections, authentication flows, and filter syntax all apply directly to your VeloCMS tenant's backend. For SaaS tenants, your PocketBase URL is displayed in Admin → Settings → Developer → API Access. For self-hosted tenants, your PocketBase instance is accessible at the URL configured during setup (typically the same hostname as your blog at port 8090, or a subdomain like data.yourdomain.com depending on your deployment).

How do I authenticate API requests?

Generate an API token in Admin → Settings → Developer → API Tokens. Click New Token, give it a name (for example 'Zapier integration' or 'migration script'), select the permission scopes you need (read-only posts, read-write posts, read members, etc.), and save. The token is shown once — copy it immediately because it's hashed before storage and VeloCMS can't display it again. Include the token in the Authorization header of your requests as 'Bearer your-token-here'. Tokens can be revoked individually from the same settings panel without affecting other active tokens.

Which collections are available through the API?

Your tenant's PocketBase exposes collections for posts (the main blog posts including drafts), media (uploaded files and their metadata), blog_members (your reader accounts), site_settings (theme, domain, analytics configuration), and tags. Ecommerce tenants also have collections for products, orders, and product_variants. The API token's permission scopes determine which collections your token can access — a read-only token scoped to posts can't accidentally modify your member list or site settings.

What are good use cases for the VeloCMS API?

The API enables a wide range of scenarios that aren't possible through the admin UI alone. Content migration tools can create posts in bulk from a JSON or CSV export of another platform. Headless front-end deployments can fetch posts via API and render them in a completely custom React or Next.js template without using VeloCMS's built-in themes. Static site generators like Astro or Eleventy can pull VeloCMS posts at build time to generate a fully static site. Automation scripts can publish posts from a content queue, update post metadata based on analytics data, or sync subscriber lists with email marketing platforms. The API makes VeloCMS act as a full headless CMS backend while still providing the managed editor and publishing interface.