Skip to main content
Bolt.new, Replit Agent, and Lovable all run in the browser. Since the Spine API authenticates via an X-API-KEY header, you need a thin server-side proxy to keep the key off the client. The calling pattern is the same across all three.

Download reference proxy

spine-proxy.ts — a minimal Next.js / Edge-compatible proxy

Architecture

Set your API key

Add SPINE_API_KEY to your project’s environment / secrets: Create a key at platform.getspine.ai/keys.

Proxy setup

Bolt.new / Next.js

Create app/api/spine/run/route.ts:

Replit

Create a simple Express endpoint or use Replit’s built-in HTTP handler:

Lovable

Lovable uses Supabase Edge Functions. Create supabase/functions/spine-run/index.ts:

Browser-side calling pattern

Once your proxy is deployed, the browser code is the same regardless of tool: