All Features

Call any API.
One tap.

Trigger webhooks, deploy to production, control smart home devices, or call any REST API. Credentials stay safe in your macOS Keychain.

How It Works

Your iPhone sends the request details. Your Mac makes the HTTP call.

01

Tap

Tap an API button on your iPhone. The request config is sent to your Mac over WebSocket.

02

Execute

Your Mac resolves any secrets, builds the HTTP request, and sends it to the target API.

03

Result

HTTP status and response are shown as a notification. Success or failure, you always know.

Full HTTP Support

All standard methods. Custom headers. Request bodies. Configurable timeouts.

GET

Check status, fetch data, health checks

POST

Deploy, trigger webhooks, create resources

PUT

Update resources, replace configurations

PATCH

Partial updates, toggle settings

DELETE

Remove resources, clean up

1MB response limit, 5-min max timeout

Configuration

Define API buttons in your YAML config. Headers, body, timeout — all in one place.

Deploy Webhook 
- id: trigger-webhook
  label: Deploy
  icon: arrow.up.circle.fill
  color: "#10B981"
  action: restApi
  httpMethod: POST
  httpURL: https://api.example.com/deploy
  httpHeaders:
    Authorization: "Bearer YOUR_TOKEN"
    Content-Type: "application/json"
  httpBody: '{"branch": "main"}'
  timeoutSeconds: 30
Status Check 
- id: check-status
  label: Status
  icon: checkmark.circle
  color: "#3B82F6"
  action: restApi
  httpMethod: GET
  httpURL: https://api.example.com/status

Secure Credentials

API tokens and secrets never appear as plain text in your config file.

Two reference syntaxes

$secret{name}

Reads from macOS Keychain. Managed via the Manage Secrets window (⌘⇧S).

$env{NAME}

Reads an environment variable on the Mac host. Great for CI/CD or shared setups.

How it stays safe

  • Resolved on the Mac at request time — iOS never sees actual values
  • Secrets stored in macOS Keychain under a dedicated service entry
  • Missing secrets produce clear error messages at tap time
  • Config file is safe to commit to version control
Secrets in YAML 
- id: deploy-prod
  label: Deploy
  icon: arrow.up.circle.fill
  color: "#10B981"
  action: restApi
  httpMethod: POST
  httpURL: $env{DEPLOY_API_URL}
  httpHeaders:
    Authorization: "Bearer $secret{deploy_token}"
    Content-Type: "application/json"
  httpBody: '{"branch": "main"}'

What You Can Build

Any service with an HTTP API is one tap away.

CI/CD Deploy

Trigger production deploys

Smart Home

Hue, Home Assistant, MQTT

Slack / Discord

Post messages via webhook

Status Monitoring

Check uptime and health

IFTTT Applets

Trigger any automation

External APIs

Any service with HTTP

Property Reference

Property Required Description
httpMethod Yes GET, POST, PUT, PATCH, or DELETE
httpURL Yes Full URL (must include http:// or https://)
httpHeaders No Dictionary of HTTP headers (e.g., Authorization, Content-Type)
httpBody No Request body as string (JSON or plain text)
timeoutSeconds No Request timeout in seconds (default: 30, max: 300)

Any API. One tap.

Download PromptDeck Host and start automating.

Download for Mac