Prerequisites
Before using the Remote Tunnels API, you need:-
cloudflared – Cloudflare’s tunnel client must be installed on your machine or CI runner
- Your application running locally – The tunnel exposes local ports, so your app must be running
Tunnel Expiration
When to Use Remote Tunnels
- Local development testing – Test your local environment without deploying
- CI/CD pipelines – Expose ephemeral test servers during build processes
- Preview environments – Create temporary public URLs for testing
- Firewall-protected environments – Access applications behind corporate firewalls
For CLI-based tunnel management, see the tunnel
command documentation. The CLI provides a simpler
interface for common tunnel operations.
Authentication
All endpoints require Bearer token authentication. Create your API key in the QA.tech dashboard: Organization Settings → API Keys. The key is shown only once, at creation. See the API Introduction for details.Endpoints
For full request, response, and error details, see the generated reference pages:- Create Remote Tunnel – Expose one or more local ports; returns the tunnel’s public hostnames and a
tunnelToken - List Remote Tunnels – All tunnels for your project, including expired ones
- Get Remote Tunnel Status – Live Cloudflare health status of a tunnel
- Delete Remote Tunnel – Tear down a tunnel and its DNS records
Tunnel Lifecycle
-
Create the tunnel via Create Remote Tunnel, specifying the local ports to expose. The response contains the public hostnames mapped to each port, a
tunnelToken, and therunnerIdused in subsequent calls. -
Start the cloudflared daemon with the returned token:
The tunnel remains active as long as cloudflared is running and the tunnel has not expired (4-hour maximum lifetime).
- Check health with Get Remote Tunnel Status before pointing tests at the tunnel.
- Use the public URLs as environment overrides when starting a run or creating a chat conversation.
- Clean up with Delete Remote Tunnel when you’re done.
Hostname Format
Each exposed port gets a public HTTPS hostname based on the tunnel’srunnerId:
- Single port without
subdomain:r-{runnerId}.quack.run - Multiple ports without
subdomain:r-{runnerId}-p{localPort}.quack.run - With
subdomain:r-{runnerId}-{subdomain}.quack.run
Related
- Tunnel CLI Command – CLI interface for tunnel management
- SSH Tunnel – Alternative tunneling via SSH
- Start Run API – Use tunnel URLs as environment overrides
- API Introduction – Authentication and ID reference