EvenAPI
EvenAPI 1.0

Endpoints without a backend.

Pick a template, set the limits, paste one URL. Contact forms, file uploads, email senders, and database connectors are live on your domain in minutes.

Built for production from day one

99.9% uptime target

Sub-50ms p99 in our regions

AES-256 at rest, TLS 1.3 in transit

Argon2id password and key hashing

Hosted in Germany

GDPR and UK GDPR compliant

What is in the box

Everything you need to ship endpoints

No servers to run, no databases to provision, no email infrastructure to maintain. Bring the limits and the providers you want.

Pre-built templates

Contact forms, feedback collectors, newsletter signups, waitlists, file uploads, email senders, database connectors. Pick one and ship.

Per-endpoint rate limits

Set the request budget per minute, per hour, per day. Enforced at the edge before the request reaches your code.

Allowed hosts you control

Whitelist exactly the domains that can hit your endpoint. Anything else gets a clean rejection at the gate.

Bring your own database

Forward submissions to your own Postgres, MySQL, or MongoDB with a secret connection string. We never see the rows.

Forward files to your server

Uploads hit your endpoint, then we forward the file to wherever you want. S3, your own server, anywhere.

Send email from your provider

Plug in Resend, your SMTP credentials, or any email service. Use your own quota, your own sender domain.

Analytics that answer questions

Requests, errors, latency, top referrers, top endpoints. Real numbers, not vanity charts.

GDPR and UK GDPR ready

Data subject export, verified deletion, subprocessor list, DPO contact. Legal pages included.

Per-endpoint API keys

Generate, rotate, revoke. One key per endpoint so a leak stays contained.

How it works

Three steps to a live endpoint

01

Sign up

Email and password, or one click with Google, Discord, or GitHub.

02

Pick a template

Contact form, file upload, email sender, database connector. Configure the limits and the rules.

03

Paste the URL

Drop one snippet into your site. The endpoint is live and rate-limited from the first request.

Templates

Pre-built, ready to configure

Each one ships with sensible defaults. Override what you need, leave the rest.

Form collector

Contact, feedback, newsletter, waitlist. One template, four modes.

File upload

Receive files, forward them to your server. Size and type limits you set.

Email sender

Resend, SMTP, or any provider. Use your own quota and sender domain.

Database connector

Forward submissions to your own database. We never see the data.

Security

Hardened at the boundary

Argon2id for credentials

Memory-hard hashing for passwords and API keys. We do not use bcrypt or scrypt.

RS256 JWT with JWKS rotation

Tokens signed with a private key, verified by a rotating public key. No shared secrets.

Input rejected, not encoded

We refuse to store anything that looks like script, markup, or control characters. The data never enters the database.

Ownership checked on every request

Every fetch by id re-queries with the caller's user id. A URL change never grants access to another user's data.

Audit log of every access

Reads, writes, permission denials, rate limit hits. Searchable and exportable.

Hard plan limits, not throttling

Hit your plan's request budget and the endpoint goes down for thirty minutes. We contact you to help.

Questions

Things people ask

Ship your first endpoint today.

Free, no card, ready in two minutes.