VendoVendo Docs
Infrastructure

Infrastructure

What runs under your tool — runtime targets, subdomains, the proxy, credentials, logs, healthchecks, and isolation.

You don't operate Vendo's infrastructure — Vendo does. But when something breaks at 2am, or when you're deciding whether a feature is feasible, you want a real mental model of what's under your tool.

This section is that model. Each page is written from the perspective of a tool author who needs to debug, configure, or reason about behavior — not from the perspective of someone running the platform.

What runs where

The request path

  • The proxy — what {provider}-proxy.vendo.run does to your call.
  • Credentials worker — how credentials.vendo.run vends OAuth tokens.
  • Healthchecks — the contract, and what happens when you fail it.

Configuration and observability

Vendo subdomain inventory

A quick map of which Vendo-owned hosts do what. Your tool generally only talks to the three at the top.

HostPurpose
{tenant}-{deploy}.vendo.run (or legacy {deploy}.{tenant}.vendo.run)Your deployed tool's public URL. Served by vendo-app-proxy.
{provider}-proxy.vendo.runProvider proxies (OpenAI, Anthropic, OpenRouter, Gemini, ElevenLabs, AssemblyAI, MuAPI, Telegram, Composio).
credentials.vendo.runOAuth token vending for refresh-rotating profiles.
hooks.vendo.runInbound webhook surface (Telegram bot updates today; more providers later). Verifies the upstream signature, signs an outbound envelope, and forwards to your deployment.
cdn.vendo.runPublic read-only R2 bucket. Serves immutable content-hashed assets uploaded by the platform.
downloads.vendo.runPublic read-only R2 bucket. Serves desktop-app binaries (cap, jan, openscreen, voicebox, clicky, logseq).
vendo.runThe Vendo dashboard and HTTP API.

On this page