expo-api-routes
Installation
Summary
API routes in Expo Router for server-side logic, secrets, and third-party integrations on EAS Hosting.
- Create routes with
+api.tssuffix in theappdirectory; export named functions for HTTP methods (GET, POST, PUT, DELETE) - Handle query parameters, headers, JSON bodies, and dynamic route segments; add CORS headers for web clients
- Access server-side secrets via
process.env; set variables locally in.envor viaeas env:createfor production - Deploy to EAS Hosting (Cloudflare Workers) with
eas deploy; use cloud databases (Turso, Supabase, PlanetScale) since filesystem and Node.js modules are unavailable - Test locally with
npx expo serveand curl; call routes from client with standard fetch to relative paths like/api/hello
SKILL.md
When to Use API Routes
Use API routes when you need:
- Server-side secrets — API keys, database credentials, or tokens that must never reach the client
- Database operations — Direct database queries that shouldn't be exposed
- Third-party API proxies — Hide API keys when calling external services (OpenAI, Stripe, etc.)
- Server-side validation — Validate data before database writes
- Webhook endpoints — Receive callbacks from services like Stripe or GitHub
- Rate limiting — Control access at the server level
- Heavy computation — Offload processing that would be slow on mobile
When NOT to Use API Routes
Avoid API routes when: