Skip to content
Press.js Press.js Press.js Docs

URL Deploys

URL deploys let Press.js Cloud render a Press.js document application that is already hosted at an absolute HTTP or HTTPS URL. Instead of uploading built artifacts into Press.js Cloud, you point the deploy at that hosted Press.js target and submit render jobs against it.

Use a URL deploy when your Press.js document app is built and deployed by another system, or when the same hosted Press.js application should be rendered by Press.js Cloud without managing deploy versions in Cloud.

The target URL must serve a built Press.js document app, the same kind of app you render locally with press render.

For example, the hosted Press.js target can be served from Cloudflare Pages, Vercel, or a custom domain.

A URL deploy stores a targetUrl on the deploy. Render jobs use deployVersionId: "latest" and load the configured target URL directly.

URL deploys differ from managed deploys in a few important ways:

CapabilityManaged deployURL deploy
Artifact uploadsYesNo
Deploy versionsYesNo
AliasesYesNo
Render targetUploaded version routeHosted Press.js target URL
Render payload, env, and secretsYesYes

When a render job is created, Press.js Cloud snapshots the current target URL into the job. If you update the deploy target later, existing jobs keep rendering the URL they were created with.

URL deploy rendering is external network access. It follows the workspace plan’s external access policy, render timeout, concurrency, output retention, and storage limits.

Free workspaces cannot render external Press.js target URLs. Paid workspaces can render external Press.js targets subject to the normal render limits.

From the dashboard, choose New Deploy, select URL, then enter the hosted Press.js target URL.

From the CLI:

Terminal window
press deploys create \
--slug hosted-report \
--name "Hosted Report" \
--type url \
--target-url https://app.example.com/report

From the REST API:

Terminal window
curl -X POST "$PRESS_CLOUD_API/v1/deploys" \
-H "Authorization: Bearer $PRESS_CLOUD_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"slug": "hosted-report",
"name": "Hosted Report",
"type": "url",
"targetUrl": "https://app.example.com/report"
}'

Changing the target URL affects future render jobs only.

Terminal window
press deploys update dep_abc123 --target-url https://app.example.com/report-v2
Terminal window
curl -X PATCH "$PRESS_CLOUD_API/v1/deploys/dep_abc123" \
-H "Authorization: Bearer $PRESS_CLOUD_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"targetUrl": "https://app.example.com/report-v2"
}'

Submit render jobs with deployVersionId: "latest":

Terminal window
curl -X POST "$PRESS_CLOUD_API/v1/render-jobs" \
-H "Authorization: Bearer $PRESS_CLOUD_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"deployId": "dep_abc123",
"deployVersionId": "latest",
"payload": {
"customer": "Acme Corp"
},
"outputMode": "transient"
}'

The hosted page can still read render payloads, environment variables, and secrets through the normal pressCloud runtime APIs.

Some hosted Press.js targets require machine-to-machine authentication. Configure the required credentials as deploy secrets from the deploy settings. Press.js Cloud keeps deploy secrets encrypted and write-only, then uses supported secret conventions during render.

Credential headers are sent only when the request origin matches the deploy target URL origin.

Basic AuthAuthorization header

For targets protected by HTTP Basic authentication, add these deploy secrets:

Deploy secretUsed for
BASIC_AUTH_USERNAMEUsername in the Basic Auth credential pair
BASIC_AUTH_PASSWORDPassword in the Basic Auth credential pair

During render, Press.js Cloud sends Authorization: Basic <base64(username:password)> to the target origin.

Cloudflare AccessService token headers

For targets protected by Cloudflare Zero Trust Access service tokens, add these deploy secrets:

Deploy secretHeader sent to the target origin
CF_ACCESS_CLIENT_IDCF-Access-Client-Id
CF_ACCESS_CLIENT_SECRETCF-Access-Client-Secret

Rotate these values from the target provider first, then update the deploy secrets before submitting new render jobs.