DZBuild API

The DZBuild API lets you manage your store programmatically: products, orders, customers, landing pages, plus a high-volume signup tracker for merchants embedding DZBuild in their own platforms.

Base URL: https://api.dzbuild.app/v1 Versioning: stable v1. Breaking changes require a new path prefix. Format: JSON in, JSON out, UTF-8. Authentication: see Authentication. Status: Pilot. Mint a key from the dashboard once it ships, or contact support@dzbuild.com to be enrolled in the pilot.

Quickstart

curl https://api.dzbuild.app/v1/ping

Response:

{ "data": { "pong": true, "time": "2026-04-30T20:15:59.836Z", "edge": true },
  "meta": { "request_id": "...", "api_version": "v1", "edge": true } }

Authenticated request:

curl https://api.dzbuild.app/v1/whoami \
  -H "Authorization: Bearer dzpk_live_<your_key_id>.<your_secret>"

Envelope

Every response follows the same shape:

Success

{ "data": ..., "meta": { "request_id": "...", "api_version": "v1" } }

Error

{ "error": { "code": "rate_limited", "message": "...", "retry_after": 12 },
  "meta": { "request_id": "...", "api_version": "v1" } }

Architecture

Requests hit Cloudflare Workers at the edge in 300+ POPs:

Auth + HMAC verification at edge — origin never sees an unauthenticated request.
Per-key sliding-window rate limit at edge.
Read-cache (30s TTL) for safe GETs.
Writes are forwarded to origin with edge-attestation headers; the origin double-checks.
High-volume writes (/v1/signups, /v1/events) go through Cloudflare Queues and return 202 Accepted immediately — your call doesn't wait for the database.

Quickstart​

Envelope​

Architecture​

Quickstart

Envelope

Architecture