Deploying Fusio

Introduction

Fusio is an open-source API management platform that helps developers quickly build, document, and monetize REST APIs. Unlike traditional API gateways that simply proxy requests, Fusio provides a complete backend solution with an integrated admin interface, automatic OpenAPI documentation generation, built-in authentication and rate limiting, SDK generation for multiple languages, and a powerful visual flow editor for creating API logic without writing code.

At its core, Fusio transforms API development from a time-consuming, error-prone process into a streamlined workflow. You define your API endpoints through an intuitive web interface, connect them to backend actions (database queries, HTTP requests, transformations), configure authentication schemes (OAuth2, JWT, API keys), set up rate limits per plan, and Fusio automatically generates comprehensive documentation, client SDKs, and even handles monetization through subscription plans and payment processing.

Fusio shines in scenarios where you need to rapidly prototype APIs, build data integration layers, create custom backends for mobile or web applications, monetize data through API subscriptions, or consolidate multiple backend services behind a unified API gateway. It supports complex workflows through its action system—chain database operations, external API calls, data transformations, and custom PHP logic into sophisticated API endpoints without managing separate microservices.

Deploying Fusio on Klutch.sh gives you a production-ready API platform with automatic HTTPS for secure communication, persistent storage for configuration and data, straightforward database connectivity, and the flexibility to scale resources as your API traffic grows—all without wrestling with server provisioning, load balancers, or certificate management.

This guide walks you through deploying Fusio on Klutch.sh using Docker, connecting to a MySQL or MariaDB database, configuring the platform, creating your first API endpoints, setting up authentication, implementing rate limiting, and following production-ready best practices for security, monitoring, and maintenance.

Why Deploy Fusio on Klutch.sh?

Rapid API Development: Build and deploy REST APIs in minutes, not days
Automatic HTTPS: Secure API endpoints with automatic SSL certificates
Persistent Storage: Reliable volume storage for uploads, cache, and logs
Database Integration: Easy connection to MySQL, MariaDB, or PostgreSQL
Scalable Infrastructure: Adjust CPU and RAM as API traffic grows
Built-in Documentation: Automatic OpenAPI/Swagger documentation generation
No Server Management: Focus on API logic, not infrastructure
Cost-Effective: Pay only for resources used, no licensing fees
GitHub Integration: Version-controlled deployment and configuration
Quick Updates: Deploy new Fusio versions with zero downtime

Prerequisites

Before you begin, ensure you have:

A Klutch.sh account
A GitHub account with a repository for your deployment
Basic understanding of REST APIs and HTTP concepts
Familiarity with SQL databases (MySQL/MariaDB/PostgreSQL)

Technical Requirements:

Fusio is a PHP application with moderate resource needs:

Minimum 1GB RAM (2GB+ recommended for production)
At least 5GB persistent storage for uploads and cache
MySQL 5.7+, MariaDB 10.2+, or PostgreSQL 9.6+ database
PHP 8.1+ with required extensions (included in Docker image)

Required Dependencies:

Fusio requires a database. You’ll need to deploy either:

MySQL - see our MySQL deployment guide
MariaDB - see our MariaDB deployment guide (recommended)
PostgreSQL - see our PostgreSQL deployment guide

Understanding Fusio Architecture

Fusio is built as a comprehensive API management system:

Core Components:

Admin Interface: Web-based UI for managing APIs, schemas, and users
Developer Portal: Self-service portal for API consumers to register apps and get credentials
API Gateway: Request routing, authentication, rate limiting, and logging
Action System: Backend logic for API endpoints (database, HTTP, transformations)
Schema System: JSON Schema validation for request/response payloads
Event System: Webhook triggers for API events
Marketplace: Optional monetization through subscription plans

Request Flow:

Client sends request to Fusio API endpoint
Fusio validates authentication (OAuth2, JWT, API key)
Rate limiting checks applied based on plan
Request validated against JSON schema
Action chain executes (database queries, HTTP calls, transformations)
Response validated against schema
Response returned to client
Event triggers fire (webhooks, logging)

Data Storage:

Database: API configuration, users, apps, tokens, logs
Filesystem: Uploaded files, generated SDKs, cache
Cache: Optional Redis/Memcached for performance

Preparing Your Repository

Step 1: Create Project Directory

Create a new directory for your Fusio deployment:

mkdir fusio-api
cd fusio-api

Step 2: Create Dockerfile

Create a Dockerfile for your Fusio deployment:

FROM fusio/fusio:latest

# Fusio latest includes:
# - PHP 8.2 with all required extensions
# - Nginx web server
# - Fusio application and dependencies
# - Composer for package management

# Install additional PHP extensions if needed
RUN apk add --no-cache \
    php82-redis \
    php82-memcached

# Set working directory
WORKDIR /var/www/html

# Configuration will be set via environment variables
# Database credentials passed at runtime

# Expose HTTP port
EXPOSE 80

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s \
  CMD curl -f http://localhost/health || exit 1

# Start Fusio (inherited from base image)

Alternative: Custom Build with Extensions

For specific requirements or custom extensions:

FROM php:8.2-fpm-alpine

# Install system dependencies
RUN apk add --no-cache \
    nginx \
    curl \
    git \
    zip \
    unzip \
    libzip-dev \
    libpng-dev \
    libjpeg-turbo-dev \
    freetype-dev \
    icu-dev \
    libxml2-dev \
    oniguruma-dev

# Install PHP extensions
RUN docker-php-ext-configure gd --with-freetype --with-jpeg && \
    docker-php-ext-install -j$(nproc) \
    pdo_mysql \
    mysqli \
    zip \
    gd \
    intl \
    xml \
    mbstring \
    opcache

# Install Composer
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer

# Create application directory
RUN mkdir -p /var/www/html
WORKDIR /var/www/html

# Install Fusio
RUN composer create-project fusio/fusio . && \
    composer install --no-dev --optimize-autoloader

# Configure PHP-FPM
RUN echo "php_admin_value[error_log] = /var/log/php-fpm.log" >> /usr/local/etc/php-fpm.d/www.conf && \
    echo "php_admin_flag[log_errors] = on" >> /usr/local/etc/php-fpm.d/www.conf

# Configure Nginx
COPY nginx.conf /etc/nginx/nginx.conf

# Set permissions
RUN chown -R www-data:www-data /var/www/html && \
    chmod -R 755 /var/www/html

EXPOSE 80

CMD ["sh", "-c", "php-fpm -D && nginx -g 'daemon off;'"]

Step 3: Create Nginx Configuration

Create nginx.conf for the custom build:

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;
    error_log /var/log/nginx/error.log warn;

    sendfile on;
    tcp_nopush on;
    keepalive_timeout 65;
    gzip on;

    server {
        listen 80;
        server_name _;
        root /var/www/html/public;
        index index.php;

        client_max_body_size 100M;

        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }

        location ~ \.php$ {
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
        }

        location ~ /\.ht {
            deny all;
        }
    }
}

Step 4: Create Environment Configuration

Create a .env.example file for documentation:

# Database Configuration
FUSIO_DB_HOST=mysql-app.klutch.sh
FUSIO_DB_PORT=8000
FUSIO_DB_NAME=fusio
FUSIO_DB_USER=fusio
FUSIO_DB_PASSWORD=your-secure-database-password

# Fusio Configuration
FUSIO_ENV=prod
FUSIO_URL=https://example-app.klutch.sh
FUSIO_SECRET=your-generated-secret-key

# Admin User (created on first deployment)
FUSIO_ADMIN_EMAIL=admin@example.com
FUSIO_ADMIN_PASSWORD=your-secure-admin-password
FUSIO_ADMIN_POINTS=100

# CORS Configuration
FUSIO_CORS=*

# Mail Configuration (optional)
FUSIO_MAILER_DSN=smtp://user:pass@smtp.example.com:587

# Payment Configuration (optional)
# FUSIO_STRIPE_SECRET_KEY=sk_test_xxx
# FUSIO_STRIPE_WEBHOOK_SECRET=whsec_xxx
# FUSIO_PAYPAL_CLIENT_ID=xxx
# FUSIO_PAYPAL_CLIENT_SECRET=xxx

# Cache Configuration (optional)
# FUSIO_CACHE=redis
# FUSIO_CACHE_HOST=redis-app.klutch.sh
# FUSIO_CACHE_PORT=8000

Step 5: Create .gitignore

Create a .gitignore file to exclude sensitive data:

# Environment files
.env
.env.local
.env.production

# Fusio data
/cache/
/public/apps/
/public/projects/

# Logs
*.log
/logs/

# Temporary files
/temp/

# Vendor
/vendor/

# System files
.DS_Store
Thumbs.db

Step 6: Create README.md

Document your deployment:

# Fusio API Platform on Klutch.sh

Open-source API management and monetization platform.

## Quick Start

1. Deploy MySQL/MariaDB database on Klutch.sh
2. Push this repository to GitHub
3. Deploy Fusio on Klutch.sh with HTTP traffic
4. Access admin interface at your assigned URL
5. Create your first API endpoint

## Features

- Visual API Designer
- Automatic OpenAPI Documentation
- OAuth2, JWT, API Key Authentication
- Rate Limiting & Quotas
- SDK Generation
- Developer Portal
- Monetization & Billing

## Configuration

See Klutch.sh dashboard for environment variables and database configuration.

## Documentation

- [Fusio Documentation](https://fusio-project.org/documentation)
- [API Development Guide](https://fusio-project.org/documentation/development)

Step 7: Push to GitHub

Initialize git and push your repository:

git init
git add Dockerfile nginx.conf .env.example .gitignore README.md
git commit -m "Initial Fusio API platform deployment setup"
git branch -M main
git remote add origin https://github.com/your-username/fusio-api.git
git push -u origin main

Deploying the Database

Fusio requires a MySQL, MariaDB, or PostgreSQL database. Deploy the database first before deploying Fusio.

Option 1: Deploy MariaDB on Klutch.sh (Recommended)

Follow our MariaDB deployment guide to set up a database server
Configure the MariaDB deployment with:
- TCP Traffic on port 8000
- Persistent Volume: /var/lib/mysql with at least 5GB
- Environment Variables:
  - MYSQL_ROOT_PASSWORD: Strong root password
  - MYSQL_DATABASE: fusio
  - MYSQL_USER: fusio
  - MYSQL_PASSWORD: Strong user password
Note the connection details:
- Host: your-mariadb-app.klutch.sh
- Port: 8000
- Database: fusio
- Username: fusio
- Password: Your configured password

Option 2: Deploy MySQL on Klutch.sh

Follow our MySQL deployment guide to set up a database server
Configure with similar settings as MariaDB above

Option 3: Use External Managed Database

You can also use external managed database services:

Deploying Fusio on Klutch.sh

Step 1: Create New App

Log in to the Klutch.sh dashboard
Create a new project or select an existing one
Create a new app and configure it:
- Repository: Select your Fusio GitHub repository
- Branch: Choose the branch to deploy (e.g., main or production)
- Traffic Type: Select HTTP (Fusio runs as a web application)
- Internal Port: Set to 80 (Fusio’s Nginx server listens on port 80)

Step 2: Configure Persistent Volumes

Fusio requires persistent storage for uploads, cache, and generated files.

In your app settings, navigate to the Volumes section
Add a volume for Fusio application data:
- Mount Path: /var/www/html/cache
- Size: 5GB (adjust based on expected cache and file upload needs)
(Optional) Add a volume for logs:
- Mount Path: /var/www/html/logs
- Size: 2GB

Step 3: Configure Environment Variables

Set essential environment variables for your Fusio deployment:

In your app settings, navigate to the Environment Variables section

Add the following variables (mark sensitive values as secrets):

Database Configuration:

FUSIO_DB_HOST=your-mariadb-app.klutch.sh
FUSIO_DB_PORT=8000
FUSIO_DB_NAME=fusio
FUSIO_DB_USER=fusio
FUSIO_DB_PASSWORD=your-database-password

Fusio Configuration:

FUSIO_ENV=prod
FUSIO_URL=https://example-app.klutch.sh
FUSIO_SECRET=your-generated-secret-key-minimum-32-chars

Admin User:

FUSIO_ADMIN_EMAIL=admin@example.com
FUSIO_ADMIN_PASSWORD=your-secure-admin-password
FUSIO_ADMIN_POINTS=100

CORS Configuration:

FUSIO_CORS=*

Important: Generate a strong secret key for FUSIO_SECRET. You can use:

openssl rand -base64 32

Step 4: Deploy Your Application

Click Deploy to start the build process
Klutch.sh will:
- Pull your GitHub repository
- Detect the Dockerfile automatically
- Build the Fusio container image
- Deploy it with your configured volumes and environment variables
Monitor the build logs for any errors
Once deployed, your Fusio API platform will be available at https://example-app.klutch.sh
Initial deployment may take 3-5 minutes as Fusio initializes the database and creates tables

Initial Setup and Configuration

After deployment, complete the Fusio initial setup:

Step 1: Access Admin Interface

Navigate to https://example-app.klutch.sh/fusio in your browser
You should see the Fusio login page
Log in with the admin credentials you configured:
- Email: admin@example.com
- Password: Your configured admin password

Step 2: Complete Initial Configuration

After logging in, you’ll see the Fusio admin dashboard
Navigate to System → Settings to review configuration:
- Base URL: Verify it matches your Klutch.sh URL
- Admin Email: Confirm admin contact email
- Points per Month: Set default API credits for new users
Click Save if you made any changes

Step 3: Generate API Documentation

Navigate to System → OpenAPI
Click Generate to create OpenAPI documentation
Access your API documentation at: https://example-app.klutch.sh/documentation

Creating Your First API

Let’s create a simple “Hello World” API endpoint to verify everything works:

Step 1: Create a Schema

Schemas define the structure of your API requests and responses:

Navigate to Schema in the admin interface
Click Create to add a new schema

Configure the response schema:

Name: Hello_Response
Schema:

{
  "type": "object",
  "properties": {
    "message": {
      "type": "string"
    },
    "timestamp": {
      "type": "string",
      "format": "date-time"
    }
  },
  "required": ["message"]
}

Click Create to save the schema

Step 2: Create an Action

Actions define the backend logic for your API:

Navigate to Action in the admin interface
Click Create to add a new action

Configure the action:

Name: Hello_World
Class: Select PHP-Sandbox
Code:

<?php

return [
    'message' => 'Hello, World! Welcome to Fusio API.',
    'timestamp' => date('c')
];

Click Create to save the action

Step 3: Create a Route

Routes define your API endpoints:

Navigate to Routes in the admin interface
Click Create to add a new route
Configure the route:
- Path: /hello
- Public: Enable (no authentication required)
- Methods: Enable GET
Configure the GET method:
- Status: Active
- Response: 200 → Select Hello_Response schema
- Action: Select Hello_World action
Click Create to save the route

Step 4: Test Your API

Test the endpoint using curl:
Terminal window
```
curl https://example-app.klutch.sh/hello
```

You should receive a response:

{
  "message": "Hello, World! Welcome to Fusio API.",
  "timestamp": "2024-01-15T10:30:00+00:00"
}

View the request in Log → System to see details

Database-Connected API

Let’s create an API that interacts with the database:

Step 1: Create a Database Table

Connect to your MySQL/MariaDB database

Create a sample table:

CREATE TABLE products (
  id INT AUTO_INCREMENT PRIMARY KEY,
  name VARCHAR(255) NOT NULL,
  description TEXT,
  price DECIMAL(10, 2) NOT NULL,
  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

INSERT INTO products (name, description, price) VALUES
('Widget', 'A useful widget', 19.99),
('Gadget', 'An amazing gadget', 29.99),
('Tool', 'A handy tool', 39.99);

Step 2: Create Connection

Navigate to Connection in Fusio admin
Click Create to add a database connection

Configure the connection:

Name: Default-Connection
Class: Select SQL
Config:

{
  "type": "pdo_mysql",
  "host": "your-mariadb-app.klutch.sh",
  "port": 8000,
  "username": "fusio",
  "password": "your-database-password",
  "database": "fusio"
}

Click Create and then Test to verify connection

Step 3: Create Schema for Products

Navigate to Schema

Create a schema for the product list:

Name: Product_Collection
Schema:

{
  "type": "object",
  "properties": {
    "items": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "id": {"type": "integer"},
          "name": {"type": "string"},
          "description": {"type": "string"},
          "price": {"type": "number"}
        }
      }
    },
    "totalResults": {"type": "integer"}
  }
}

Step 4: Create Action for Products

Navigate to Action

Create a new action:

Name: Get_Products
Class: Select SQL-Query-All
Config:

{
  "connection": "Default-Connection",
  "sql": "SELECT id, name, description, price FROM products ORDER BY created_at DESC"
}

Click Create

Step 5: Create Route for Products

Navigate to Routes
Create a new route:
- Path: /products
- Public: Enable
- Methods: Enable GET
Configure GET method:
- Status: Active
- Response: 200 → Select Product_Collection schema
- Action: Select Get_Products action
Click Create

Step 6: Test Products API

curl https://example-app.klutch.sh/products

Response:

{
  "items": [
    {
      "id": 1,
      "name": "Widget",
      "description": "A useful widget",
      "price": 19.99
    },
    {
      "id": 2,
      "name": "Gadget",
      "description": "An amazing gadget",
      "price": 29.99
    },
    {
      "id": 3,
      "name": "Tool",
      "description": "A handy tool",
      "price": 39.99
    }
  ],
  "totalResults": 3
}

Authentication and Security

Setting Up OAuth2 Authentication

Navigate to App → Developer Apps
Click Create to register a new application
Configure the app:
- Name: Test Client
- URL: https://example.com
- Status: Active
- Scopes: Select available scopes
Note the generated App Key and App Secret

Get an access token:

curl -X POST https://example-app.klutch.sh/authorization/token \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "client_credentials",
    "client_id": "your-app-key",
    "client_secret": "your-app-secret"
  }'

Use the token to access protected endpoints:

curl https://example-app.klutch.sh/protected-endpoint \
  -H "Authorization: Bearer your-access-token"

Setting Up API Key Authentication

Navigate to User → Users
Select a user or create a new one
Navigate to the Tokens tab
Click Generate to create an API token

Use the token in API requests:

curl https://example-app.klutch.sh/products \
  -H "Authorization: Bearer your-api-token"

Protecting Routes

Navigate to Routes
Select a route to protect
Edit the route and disable Public access
Save the route

Access now requires authentication:

# Without token - 401 Unauthorized
curl https://example-app.klutch.sh/products

# With token - Success
curl https://example-app.klutch.sh/products \
  -H "Authorization: Bearer your-token"

Rate Limiting and Plans

Creating Rate Limit Plans

Navigate to Plan → Plans
Click Create to add a new plan
Configure the plan:
- Name: Free Plan
- Price: 0.00
- Points: 1000 (API credits per period)
- Period: monthly
Create additional plans:
- Basic Plan: 10,000 points/month, $9.99
- Pro Plan: 100,000 points/month, $49.99
- Enterprise Plan: 1,000,000 points/month, $199.99
Click Create for each plan

Assigning Plans to Users

Navigate to User → Users
Select a user
In the Plan section, assign a plan
Set the expiration date
Save changes

Configuring Route Costs

Navigate to Routes
Select a route to configure
In the route configuration, set Costs: Number of points required per request
Save the route
Requests will now consume points from the user’s plan

Developer Portal

The Developer Portal allows API consumers to register, get credentials, and access documentation:

Enabling the Developer Portal

Navigate to System → Settings
Enable Developer Portal
Configure portal settings:
- Registration: Enable/disable user registration
- Approval: Require admin approval for new apps
- Plans: Default plan for new users
Save settings

Accessing the Developer Portal

Navigate to https://example-app.klutch.sh/developer
Users can:
- Register for an account
- Create applications
- Generate API credentials
- View documentation
- Monitor usage and quotas

Advanced Features

Action Chaining

Chain multiple actions together for complex workflows:

Navigate to Action
Create a new action with Action-Chain class

Configure the chain:

{
  "actions": [
    {
      "action": "Get_User_Data",
      "on": "response"
    },
    {
      "action": "Transform_Data",
      "on": "response"
    },
    {
      "action": "Send_Notification",
      "on": "response"
    }
  ]
}

Each action receives output from the previous action

HTTP Proxy Actions

Create API endpoints that proxy to external services:

Navigate to Action
Create action with HTTP-Request class

Configure the proxy:

{
  "url": "https://api.external-service.com/endpoint",
  "method": "GET",
  "headers": {
    "Authorization": "Bearer external-api-token"
  }
}

Attach to a route to expose the proxied endpoint

Data Transformation

Transform API responses with custom logic:

Create action with PHP-Sandbox class

Write transformation logic:

<?php

$input = $request->getBody();

// Transform data
$output = array_map(function($item) {
    return [
        'id' => $item['id'],
        'name' => strtoupper($item['name']),
        'price' => '$' . number_format($item['price'], 2)
    ];
}, $input['items']);

return ['items' => $output];

Event Triggers

Trigger webhooks or actions based on API events:

Navigate to Event → Subscriptions
Create a new subscription
Configure:
- Event: Select event type (route executed, user created, etc.)
- Endpoint: Webhook URL to notify
- Status: Active
Events will trigger HTTP POST requests to your webhook

SDK Generation

Fusio can generate client SDKs in multiple languages:

Generating SDKs

Navigate to System → SDK
Select language:
- JavaScript/TypeScript
- PHP
- Python
- Java
- C#
- Go
- Ruby
Click Generate
Download the generated SDK package
Distribute to API consumers

Using Generated SDK (JavaScript Example)

import FusioClient from './fusio-sdk';

const client = new FusioClient('https://example-app.klutch.sh', {
  clientId: 'your-app-key',
  clientSecret: 'your-app-secret'
});

// Authenticate
await client.authenticate();

// Call API
const products = await client.get('/products');
console.log(products);

// Create resource
const newProduct = await client.post('/products', {
  name: 'New Product',
  price: 49.99
});

Monetization

Setting Up Payment Processing

Navigate to System → Settings

Configure payment provider:

Stripe:

FUSIO_STRIPE_SECRET_KEY=sk_live_xxx
FUSIO_STRIPE_WEBHOOK_SECRET=whsec_xxx

PayPal:

FUSIO_PAYPAL_CLIENT_ID=xxx
FUSIO_PAYPAL_CLIENT_SECRET=xxx

Create paid plans with pricing
Users can subscribe via the Developer Portal

Webhook Handling

Configure webhook endpoints in payment provider dashboard
Set webhook URL: https://example-app.klutch.sh/payment/webhook/{provider}
Fusio automatically processes:
- Payment confirmations
- Subscription renewals
- Payment failures
- Cancellations

Custom Domains

For production use, configure a custom domain:

Step 1: Configure Domain in Klutch.sh

In the Klutch.sh dashboard, navigate to your app settings
Go to the Domains section
Add your custom domain (e.g., api.yourdomain.com)
Klutch.sh will provide DNS records to configure

Step 2: Update DNS Records

Log in to your domain registrar
Add the DNS records provided by Klutch.sh:
- CNAME record pointing to your Klutch.sh app
- Wait for DNS propagation (up to 48 hours)
Klutch.sh will automatically provision SSL certificates

Step 3: Update Fusio Configuration

Update the FUSIO_URL environment variable to your custom domain
Redeploy the application
Update OAuth redirect URIs if using OAuth2
Regenerate OpenAPI documentation with new base URL

Performance Optimization

Enable Caching

Deploy Redis on Klutch.sh (see Redis guide)

Configure Fusio to use Redis:

FUSIO_CACHE=redis
FUSIO_CACHE_HOST=redis-app.klutch.sh
FUSIO_CACHE_PORT=8000

Restart Fusio to apply caching

Database Optimization

Enable Query Caching:
- Cache frequently accessed data
- Use Redis for session storage
Optimize Queries:
- Add indexes to frequently queried columns
- Use pagination for large datasets
- Limit result sets
Connection Pooling:
- Fusio manages connections automatically
- Scale database resources as needed

HTTP Caching

Configure route caching:
- Navigate to Routes
- Edit route
- Set Cache time in seconds
- Save route
Fusio will return cached responses for the specified duration

Security Best Practices

Authentication and Authorization

Use Strong Secrets:
- Generate strong FUSIO_SECRET (32+ characters)
- Rotate secrets periodically
- Store securely in Klutch.sh environment variables
Implement OAuth2:
- Use OAuth2 for third-party integrations
- Implement proper scope restrictions
- Validate redirect URIs
API Key Management:
- Generate unique keys per application
- Implement key rotation
- Revoke compromised keys immediately
Rate Limiting:
- Implement per-user rate limits
- Set different limits per plan
- Monitor for abuse

Input Validation

Use JSON Schema:
- Define strict schemas for all routes
- Validate all inputs
- Reject malformed requests
Sanitize Data:
- Escape SQL queries (Fusio does this automatically)
- Validate data types
- Check for injection attempts
Limit Payload Sizes:
- Configure max request body size in Nginx
- Prevent memory exhaustion attacks

HTTPS and CORS

HTTPS Only:
- Klutch.sh provides automatic HTTPS
- Never expose APIs over HTTP
- Use secure cookies for sessions
Configure CORS:
- Set specific allowed origins (avoid * in production)
- Configure allowed methods and headers
- Use credentials flag appropriately

Security Headers:

Configure in Nginx:

add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "strict-origin-when-cross-origin";

Monitoring and Logging

Access Logs

Navigate to Log → System in Fusio admin
View API request logs:
- Request method and path
- Response status
- Response time
- IP address
- User agent
Filter logs by:
- Date range
- Route
- Status code
- User

Error Monitoring

Navigate to Log → Errors
View application errors:
- Error messages
- Stack traces
- Request context
Configure error notifications:
- Set up email alerts
- Integrate with error tracking services (Sentry, Bugsnag)

Performance Monitoring

Monitor Response Times:
- View average response times per route
- Identify slow endpoints
- Optimize actions and queries
Track Usage:
- Monitor API calls per user
- Track plan consumption
- Identify popular endpoints
Resource Monitoring:
- Monitor CPU and RAM in Klutch.sh dashboard
- Track database query performance
- Monitor cache hit rates

Backup and Maintenance

Database Backup

Automated Backups:
- Configure database backups in your database deployment
- Export database regularly:
Terminal window
```
mysqldump -h mariadb-app.klutch.sh -P 8000 -u fusio -p fusio > fusio-backup.sql
```
Configuration Backup:
- Store configuration in version control
- Export route configurations
- Backup schemas and actions

Updates and Maintenance

Update Fusio:
- Update Dockerfile to new version
- Push changes to GitHub
- Deploy updated version from Klutch.sh
Database Migration:
- Fusio automatically runs migrations
- Review migration logs
- Test in staging before production
Regular Maintenance:
- Review and optimize slow queries
- Clean up old logs
- Audit user permissions
- Review API usage patterns

Troubleshooting Common Issues

Fusio Won’t Start

Check Database Connection:
- Verify database is running
- Test connection credentials
- Check firewall rules
Review Logs:
- View application logs in Klutch.sh dashboard
- Look for initialization errors
- Check for missing environment variables
Verify Configuration:
- Ensure all required environment variables are set
- Validate FUSIO_URL matches deployment URL
- Check FUSIO_SECRET is at least 32 characters

Database Connection Errors

Verify Credentials:
- Check FUSIO_DB_HOST, FUSIO_DB_PORT
- Verify FUSIO_DB_USER and FUSIO_DB_PASSWORD
- Ensure database name exists

Test Connection:

mysql -h mariadb-app.klutch.sh -P 8000 -u fusio -p

Check Network:
- Ensure database accepts external connections
- Verify TCP traffic enabled on database deployment

API Returns 500 Errors

Check Action Configuration:
- Review action code for syntax errors
- Verify connection configurations
- Test SQL queries manually
Review Error Logs:
- Navigate to Log → Errors in admin
- Check stack traces
- Look for PHP errors
Validate Schema:
- Ensure response matches schema
- Check for missing required fields
- Verify data types

Authentication Issues

Verify Credentials:
- Check app key and secret
- Verify token hasn’t expired
- Ensure scopes are correct
Check Route Configuration:
- Verify route is not set to public
- Ensure authentication is enabled
- Check required scopes

Test Token Generation:

curl -X POST https://example-app.klutch.sh/authorization/token \
  -H "Content-Type: application/json" \
  -d '{"grant_type": "client_credentials", "client_id": "key", "client_secret": "secret"}'

Production Deployment Checklist

Before going live with Fusio:

Resources and Further Reading

Conclusion

Deploying Fusio on Klutch.sh provides a powerful, production-ready platform for building, managing, and monetizing REST APIs. With automatic HTTPS, persistent storage, straightforward database connectivity, and the flexibility to scale resources as needed, you can focus on creating great APIs rather than managing infrastructure.

This guide covered everything from initial deployment to advanced features like authentication, rate limiting, SDK generation, payment integration, and production best practices. Whether you’re building a simple data API, creating a backend for a mobile app, or launching an API-as-a-Service business, Fusio on Klutch.sh provides the tools and reliability you need.

Remember to keep your system updated, monitor API usage, implement proper authentication and rate limiting, and follow security best practices to protect your APIs and data. For additional help or questions, refer to the resources above or engage with the Fusio community.

Happy API building!