API Routes

Writing an API Route
Implementing an API Route handler
Session management
Exposing a GraphQL API
Exposing a tRPC Server route

While we think that using createServerData$ is the best way to write server-side code for data needed by your UI, sometimes you need to expose API routes. Reasons for wanting API Routes include:

You have additional clients that want to share this logic.
You want to expose a GraphQL or tRPC endpoint.
You want to expose a public facing REST API.
You need to write webhooks or auth callback handlers for OAuth.
You want to have URLs not serving HTML, but other kinds of documents like PDFs or images.

SolidStart makes it easy to write routes for these use cases.

Writing an API Route

API routes are just like any other route and follow the same filename conventions as UI Routes. The only difference is in what you should export from the file. API Routes do not export a default Solid component and a routeData function.

Instead, they export functions that are named after the HTTP method that they handle. For example, a GET request would be handled by the exported GET function. If a handler is not defined for a given HTTP method, SolidStart will return a 405 Method Not Allowed response.

routes/api/students.ts

tsx
// handles HTTP GET requests to /api/students
export function GETfunction GET(): Response() {
  return new ResponseThis Fetch API interface represents the response to a request.

var Response: new (body?: BodyInit | null | undefined, init?: ResponseInit | undefined) => Response("Hello World");
}
 
export function POSTfunction POST(): void() {
  // ...
}
 
export function PATCHfunction PATCH(): void() {
  // ...
}
 
export function DELETEfunction DELETE(): void() {
  // ...
}

routes/api/students.ts

tsx
// handles HTTP GET requests to /api/students
export function GETfunction GET(): Response() {
  return new ResponseThis Fetch API interface represents the response to a request.

var Response: new (body?: BodyInit | null | undefined, init?: ResponseInit | undefined) => Response("Hello World");
}
 
export function POSTfunction POST(): void() {
  // ...
}
 
export function PATCHfunction PATCH(): void() {
  // ...
}
 
export function DELETEfunction DELETE(): void() {
  // ...
}

These functions can also sit in your UI routes beside your component. They can handle non-GET HTTP requests for those routes.

routes/students.tsx

tsx
export function POSTfunction POST(): void() {
  // ...
}
 
export function routeDatafunction routeData(): void() {
  // ...
}
 
export default function Studentsfunction Students(): JSX.Element() {
  return <h1(property) JSX.HTMLElementTags.h1: JSX.HTMLAttributes<HTMLHeadingElement>>Students</h1(property) JSX.HTMLElementTags.h1: JSX.HTMLAttributes<HTMLHeadingElement>>;
}

routes/students.tsx

tsx
export function POSTfunction POST(): void() {
  // ...
}
 
export function routeDatafunction routeData(): void() {
  // ...
}
 
export default function Studentsfunction Students(): JSX.Element() {
  return <h1(property) JSX.HTMLElementTags.h1: JSX.HTMLAttributes<HTMLHeadingElement>>Students</h1(property) JSX.HTMLElementTags.h1: JSX.HTMLAttributes<HTMLHeadingElement>>;
}

Implementing an API Route handler

An API route gets passed an APIEvent object as its first argument. This object contains:

request: Request object representing the request sent by the client.
params: Object that contains the dynamic route parameters, e.g. for /api/students/:id, when user requests /api/students/123 , params.id will be "123".
env: Environment context, environment specific settings, and bindings.
fetch: An internal fetch function that can be used to make requests to other API routes without worrying about the origin of the URL.

An API route is expected to return a Response object. Let's look at an example of an API route that returns a list of students in a given house, in a specific year:

routes/api/[house]/students/year-[year].ts

tsx
import { type APIEvent(alias) interface APIEvent
import APIEvent, jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) function json<Data>(data: Data, init?: number | ResponseInit): Response
import json } from "solid-start/api";
import hogwartsimport hogwarts from "./hogwarts";
 
export async function GETfunction GET({ params }: APIEvent): Promise<Response>({ params(parameter) params: {
    [key: string]: string;
} }: APIEvent(alias) interface APIEvent
import APIEvent) {
  consolevar console: Console.log(method) Console.log(...data: any[]): void(`House: ${params(parameter) params: {
    [key: string]: string;
}.housestring}, Year: ${params(parameter) params: {
    [key: string]: string;
}.yearstring}`);
  const studentsconst students: {
    name: string;
    house: string;
    year: string;
}[] = await hogwartsimport hogwarts.getStudents(method) getStudents(house: string, year: string): {
    name: string;
    house: string;
    year: string;
}[](params(parameter) params: {
    [key: string]: string;
}.housestring, params(parameter) params: {
    [key: string]: string;
}.yearstring);
  return jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) json<{
    students: {
        name: string;
        house: string;
        year: string;
    }[];
}>(data: {
    students: {
        name: string;
        house: string;
        year: string;
    }[];
}, init?: number | ResponseInit): Response
import json({ students(property) students: {
    name: string;
    house: string;
    year: string;
}[] });
}

routes/api/[house]/students/year-[year].ts

tsx
import { type APIEvent(alias) interface APIEvent
import APIEvent, jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) function json<Data>(data: Data, init?: number | ResponseInit): Response
import json } from "solid-start/api";
import hogwartsimport hogwarts from "./hogwarts";
 
export async function GETfunction GET({ params }: APIEvent): Promise<Response>({ params(parameter) params: {
    [key: string]: string;
} }: APIEvent(alias) interface APIEvent
import APIEvent) {
  consolevar console: Console.log(method) Console.log(...data: any[]): void(`House: ${params(parameter) params: {
    [key: string]: string;
}.housestring}, Year: ${params(parameter) params: {
    [key: string]: string;
}.yearstring}`);
  const studentsconst students: {
    name: string;
    house: string;
    year: string;
}[] = await hogwartsimport hogwarts.getStudents(method) getStudents(house: string, year: string): {
    name: string;
    house: string;
    year: string;
}[](params(parameter) params: {
    [key: string]: string;
}.housestring, params(parameter) params: {
    [key: string]: string;
}.yearstring);
  return jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) json<{
    students: {
        name: string;
        house: string;
        year: string;
    }[];
}>(data: {
    students: {
        name: string;
        house: string;
        year: string;
    }[];
}, init?: number | ResponseInit): Response
import json({ students(property) students: {
    name: string;
    house: string;
    year: string;
}[] });
}

Session management

As HTTP is a stateless protocol, for awesome dynamic experiences, you want to know the state of the session on the client. For example, you want to know who the user is. The secure way of doing this is to use HTTP-only cookies.

You can store session data in them and they are persisted by the browser that your user is using. We expose the Request object which represents the user's request. The cookies can be accessed by parsing the Cookie header.

Let's look at an example of how to use the cookie to identify the user:

routes/api/[house]/admin.ts

tsx
import { type APIEvent(alias) interface APIEvent
import APIEvent, jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) function json<Data>(data: Data, init?: number | ResponseInit): Response
import json } from "solid-start/api";
import { parseCookieParse a cookie header.

Parse the given cookie header string into an object
The object has the various cookies as keys(names) => values

(alias) function parseCookie(str: string, options?: CookieParseOptions): Record<string, string>
import parseCookie } from "solid-start";
import hogwartsimport hogwarts from "./hogwarts";
 
export async function GETfunction GET({ request, params }: APIEvent): Promise<Response>({ request(parameter) request: Request, params(parameter) params: {
    [key: string]: string;
} }: APIEvent(alias) interface APIEvent
import APIEvent) {
  const cookieconst cookie: Record<string, string> = parseCookieParse a cookie header.

Parse the given cookie header string into an object
The object has the various cookies as keys(names) => values

(alias) parseCookie(str: string, options?: CookieParseOptions | undefined): Record<string, string>
import parseCookie(request(parameter) request: Request.headersReturns a Headers object consisting of the headers associated with request. Note that headers added in the network layer by the user agent will not be accounted for in this object, e.g., the &quot;Host&quot; header.

(property) Request.headers: Headers.get(method) Headers.get(name: string): string | null("Cookie") ?? "");
  const userIdconst userId: string = cookieconst cookie: Record<string, string>['userId'];
  if (!userIdconst userId: string) {
    return new ResponseThis Fetch API interface represents the response to a request.

var Response: new (body?: BodyInit | null | undefined, init?: ResponseInit | undefined) => Response("Not logged in", { status(property) ResponseInit.status?: number | undefined: 401 });
  }
  const houseMasterconst houseMaster: {
    name: string;
    house: string;
    id: string;
} = await hogwartsimport hogwarts.getHouseMaster(method) getHouseMaster(house: string): {
    name: string;
    house: string;
    id: string;
}(params(parameter) params: {
    [key: string]: string;
}.housestring);
  if (houseMasterconst houseMaster: {
    name: string;
    house: string;
    id: string;
}.id(property) id: string !== userIdconst userId: string) {
    return new ResponseThis Fetch API interface represents the response to a request.

var Response: new (body?: BodyInit | null | undefined, init?: ResponseInit | undefined) => Response("Not authorized", { status(property) ResponseInit.status?: number | undefined: 403 });
  }
  return jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) json<{
    students: {
        name: string;
        house: string;
        year: string;
    }[];
}>(data: {
    students: {
        name: string;
        house: string;
        year: string;
    }[];
}, init?: number | ResponseInit): Response
import json({ 
    students(property) students: {
    name: string;
    house: string;
    year: string;
}[]: await hogwartsimport hogwarts.getStudents(method) getStudents(house: string, year: string): {
    name: string;
    house: string;
    year: string;
}[](params(parameter) params: {
    [key: string]: string;
}.housestring, params(parameter) params: {
    [key: string]: string;
}.yearstring) 
  });
}

routes/api/[house]/admin.ts

tsx
import { type APIEvent(alias) interface APIEvent
import APIEvent, jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) function json<Data>(data: Data, init?: number | ResponseInit): Response
import json } from "solid-start/api";
import { parseCookieParse a cookie header.

Parse the given cookie header string into an object
The object has the various cookies as keys(names) => values

(alias) function parseCookie(str: string, options?: CookieParseOptions): Record<string, string>
import parseCookie } from "solid-start";
import hogwartsimport hogwarts from "./hogwarts";
 
export async function GETfunction GET({ request, params }: APIEvent): Promise<Response>({ request(parameter) request: Request, params(parameter) params: {
    [key: string]: string;
} }: APIEvent(alias) interface APIEvent
import APIEvent) {
  const cookieconst cookie: Record<string, string> = parseCookieParse a cookie header.

Parse the given cookie header string into an object
The object has the various cookies as keys(names) => values

(alias) parseCookie(str: string, options?: CookieParseOptions | undefined): Record<string, string>
import parseCookie(request(parameter) request: Request.headersReturns a Headers object consisting of the headers associated with request. Note that headers added in the network layer by the user agent will not be accounted for in this object, e.g., the &quot;Host&quot; header.

(property) Request.headers: Headers.get(method) Headers.get(name: string): string | null("Cookie") ?? "");
  const userIdconst userId: string = cookieconst cookie: Record<string, string>['userId'];
  if (!userIdconst userId: string) {
    return new ResponseThis Fetch API interface represents the response to a request.

var Response: new (body?: BodyInit | null | undefined, init?: ResponseInit | undefined) => Response("Not logged in", { status(property) ResponseInit.status?: number | undefined: 401 });
  }
  const houseMasterconst houseMaster: {
    name: string;
    house: string;
    id: string;
} = await hogwartsimport hogwarts.getHouseMaster(method) getHouseMaster(house: string): {
    name: string;
    house: string;
    id: string;
}(params(parameter) params: {
    [key: string]: string;
}.housestring);
  if (houseMasterconst houseMaster: {
    name: string;
    house: string;
    id: string;
}.id(property) id: string !== userIdconst userId: string) {
    return new ResponseThis Fetch API interface represents the response to a request.

var Response: new (body?: BodyInit | null | undefined, init?: ResponseInit | undefined) => Response("Not authorized", { status(property) ResponseInit.status?: number | undefined: 403 });
  }
  return jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) json<{
    students: {
        name: string;
        house: string;
        year: string;
    }[];
}>(data: {
    students: {
        name: string;
        house: string;
        year: string;
    }[];
}, init?: number | ResponseInit): Response
import json({ 
    students(property) students: {
    name: string;
    house: string;
    year: string;
}[]: await hogwartsimport hogwarts.getStudents(method) getStudents(house: string, year: string): {
    name: string;
    house: string;
    year: string;
}[](params(parameter) params: {
    [key: string]: string;
}.housestring, params(parameter) params: {
    [key: string]: string;
}.yearstring) 
  });
}

This is a very simple example and quite unsecure, but you can see how you can use cookies to read and store session data. Read the session documentation for more information on how to use cookies for more secure session management.

You can read more about using HTTP cookies in the MDN documentation.

Exposing a GraphQL API

SolidStart makes it easy to implement a GraphQL API. The graphql function takes a GraphQL schema and returns a function that can be used as an API route handler.

Install the graphql library
Then in any route file you can implement a graphql api like below

routes/graphql.ts

ts
import { buildSchemaA helper function to build a GraphQLSchema directly from a source
document.

(alias) function buildSchema(source: string | Source, options?: BuildSchemaOptions & ParseOptions): GraphQLSchema
import buildSchema, graphql(alias) function graphql(args: GraphQLArgs): Promise<ExecutionResult>
import graphql } from "graphql";
import { type APIEvent(alias) interface APIEvent
import APIEvent, jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) function json<Data>(data: Data, init?: number | ResponseInit): Response
import json } from "solid-start";
 
// Define GraphQL Schema
const schemaconst schema: GraphQLSchema = buildSchemaA helper function to build a GraphQLSchema directly from a source
document.

(alias) buildSchema(source: string | Source, options?: (BuildSchemaOptions & ParseOptions) | undefined): GraphQLSchema
import buildSchema(`
  type Message {
      message: String
  }
 
  type Query {
    hello(input: String): Message
    goodbye: String
  }
`);
 
// Define GraphQL Resolvers
const rootValueconst rootValue: {
    hello: () => {
        message: string;
    };
    goodbye: () => string;
} = {
    hello(property) hello: () => {
    message: string;
}: () => {
        return {
            message(property) message: string: "Hello World"
          }
  },
  goodbye(property) goodbye: () => string: () => {
      return "Goodbye"
  }
};
 
// request handler
const handlerconst handler: (event: APIEvent) => Promise<Response> = async (event(parameter) event: APIEvent: APIEvent(alias) interface APIEvent
import APIEvent) => {  
 
  // get request body
  const bodyconst body: any = await new ResponseThis Fetch API interface represents the response to a request.

var Response: new (body?: BodyInit | null | undefined, init?: ResponseInit | undefined) => Response(event(parameter) event: APIEvent.request(property) FetchEvent.request: Request.body(property) Body.body: ReadableStream<Uint8Array> | null).json(method) Body.json(): Promise<any>()
 
  // pass query and save results
  const resultconst result: ExecutionResult<ObjMap<unknown>, ObjMap<unknown>> = await graphql(alias) graphql(args: GraphQLArgs): Promise<ExecutionResult<ObjMap<unknown>, ObjMap<unknown>>>
import graphql({rootValue(property) GraphQLArgs.rootValue?: unknown, schema(property) GraphQLArgs.schema: GraphQLSchema, source(property) GraphQLArgs.source: string | Source: bodyconst body: any.queryany})
 
  // send query results as response
  return jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) json<ExecutionResult<ObjMap<unknown>, ObjMap<unknown>>>(data: ExecutionResult<ObjMap<unknown>, ObjMap<unknown>>, init?: number | ResponseInit): Response
import json(resultconst result: ExecutionResult<ObjMap<unknown>, ObjMap<unknown>>);
};
 
export const GETconst GET: (event: APIEvent) => Promise<Response> = handlerconst handler: (event: APIEvent) => Promise<Response>;
 
export const POSTconst POST: (event: APIEvent) => Promise<Response> = handlerconst handler: (event: APIEvent) => Promise<Response>;

routes/graphql.ts

ts
import { buildSchemaA helper function to build a GraphQLSchema directly from a source
document.

(alias) function buildSchema(source: string | Source, options?: BuildSchemaOptions & ParseOptions): GraphQLSchema
import buildSchema, graphql(alias) function graphql(args: GraphQLArgs): Promise<ExecutionResult>
import graphql } from "graphql";
import { type APIEvent(alias) interface APIEvent
import APIEvent, jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) function json<Data>(data: Data, init?: number | ResponseInit): Response
import json } from "solid-start";
 
// Define GraphQL Schema
const schemaconst schema: GraphQLSchema = buildSchemaA helper function to build a GraphQLSchema directly from a source
document.

(alias) buildSchema(source: string | Source, options?: (BuildSchemaOptions & ParseOptions) | undefined): GraphQLSchema
import buildSchema(`
  type Message {
      message: String
  }
 
  type Query {
    hello(input: String): Message
    goodbye: String
  }
`);
 
// Define GraphQL Resolvers
const rootValueconst rootValue: {
    hello: () => {
        message: string;
    };
    goodbye: () => string;
} = {
    hello(property) hello: () => {
    message: string;
}: () => {
        return {
            message(property) message: string: "Hello World"
          }
  },
  goodbye(property) goodbye: () => string: () => {
      return "Goodbye"
  }
};
 
// request handler
const handlerconst handler: (event: APIEvent) => Promise<Response> = async (event(parameter) event: APIEvent: APIEvent(alias) interface APIEvent
import APIEvent) => {  
 
  // get request body
  const bodyconst body: any = await new ResponseThis Fetch API interface represents the response to a request.

var Response: new (body?: BodyInit | null | undefined, init?: ResponseInit | undefined) => Response(event(parameter) event: APIEvent.request(property) FetchEvent.request: Request.body(property) Body.body: ReadableStream<Uint8Array> | null).json(method) Body.json(): Promise<any>()
 
  // pass query and save results
  const resultconst result: ExecutionResult<ObjMap<unknown>, ObjMap<unknown>> = await graphql(alias) graphql(args: GraphQLArgs): Promise<ExecutionResult<ObjMap<unknown>, ObjMap<unknown>>>
import graphql({rootValue(property) GraphQLArgs.rootValue?: unknown, schema(property) GraphQLArgs.schema: GraphQLSchema, source(property) GraphQLArgs.source: string | Source: bodyconst body: any.queryany})
 
  // send query results as response
  return jsonA JSON response. Converts `data` to JSON and sets the `Content-Type` header.

(alias) json<ExecutionResult<ObjMap<unknown>, ObjMap<unknown>>>(data: ExecutionResult<ObjMap<unknown>, ObjMap<unknown>>, init?: number | ResponseInit): Response
import json(resultconst result: ExecutionResult<ObjMap<unknown>, ObjMap<unknown>>);
};
 
export const GETconst GET: (event: APIEvent) => Promise<Response> = handlerconst handler: (event: APIEvent) => Promise<Response>;
 
export const POSTconst POST: (event: APIEvent) => Promise<Response> = handlerconst handler: (event: APIEvent) => Promise<Response>;

Exposing a tRPC Server route

Let's see how to expose a tRPC server route. First you write your router, put it in a separate file so that you can export the type for your client.

lib/router.ts

tsx
import { initTRPC } from '@trpc/server';
import { z } from 'zod';
const t = initTRPC.create();
export const appRouter = t.router({
  hello: t.procedure.input(z.string().nullish()).query(({ input }) => {
    return `hello ${input ?? 'world'}`;
  }),
});
export type AppRouter = typeof appRouter;

lib/router.ts

tsx
import { initTRPC } from '@trpc/server';
import { z } from 'zod';
const t = initTRPC.create();
export const appRouter = t.router({
  hello: t.procedure.input(z.string().nullish()).query(({ input }) => {
    return `hello ${input ?? 'world'}`;
  }),
});
export type AppRouter = typeof appRouter;

Here is a simple client that you can use in your routeData function to fetch data from your tRPC server. You can also use the proxy in createServerData$ and createServerAction$ functions, but it's usually better to just use it in a createResource or createRouteData function.

lib/trpc.ts

tsx
import {
  createTRPCProxyClient,
  httpBatchLink,
  loggerLink,
} from '@trpc/client';
import type { AppRouter } from "./router";
export const client = createTRPCProxyClient<AppRouter>({
  links: [loggerLink(), httpBatchLink({ url: "http://localhost:3000/api/trpc" })],
});

lib/trpc.ts

tsx
import {
  createTRPCProxyClient,
  httpBatchLink,
  loggerLink,
} from '@trpc/client';
import type { AppRouter } from "./router";
export const client = createTRPCProxyClient<AppRouter>({
  links: [loggerLink(), httpBatchLink({ url: "http://localhost:3000/api/trpc" })],
});

Finally, you can use the fetch adapter to write an API route that acts as the tRPC server.

routes/api/trpc/[trpc].ts

tsx
import { type APIEvent } from "solid-start/api";
import { fetchRequestHandler } from '@trpc/server/adapters/fetch';
import { appRouter } from "~/lib/router";
const handler = (event: APIEvent) => 
  fetchRequestHandler({
    endpoint: '/api/trpc',
    req: event.request,
    router: appRouter,
    createContext: () => ({}),
  });
export const GET = handler;
export const POST = handler;

routes/api/trpc/[trpc].ts

tsx
import { type APIEvent } from "solid-start/api";
import { fetchRequestHandler } from '@trpc/server/adapters/fetch';
import { appRouter } from "~/lib/router";
const handler = (event: APIEvent) => 
  fetchRequestHandler({
    endpoint: '/api/trpc',
    req: event.request,
    router: appRouter,
    createContext: () => ({}),
  });
export const GET = handler;
export const POST = handler;

Learn more about tRPC here.