Install & run
Pre-built binaries land in Phase 14. Until then:
git clone https://github.com/opalczynski/apiovnia.git
cd apiovnia/apiovnia-app
pnpm install
pnpm tauri:dev # opens the native window with HMR
For a production bundle for your platform: pnpm tauri:build. Output lands in src-tauri/target/release/bundle/. See the Download page for prerequisites.
Where the database lives
Everything is one SQLite file under your platform's XDG data dir:
- Linux
~/.local/share/tech.trurl.apiovnia/apiovnia.db - macOS
~/Library/Application Support/tech.trurl.apiovnia/apiovnia.db - Windows
%APPDATA%\tech.trurl.apiovnia\apiovnia.db
You can cp it to back it up, sqlite3 into it to inspect, or delete it for a fresh state. There's no cloud component. There's no account. There's a file. That's the whole storage layer.
Your first request
- Launch the app. On a fresh DB you'll see the onboarding overlay — pick Create your first project.
- In the middle panel, create a Collection, then a Request inside it. The cascade auto-pick will select the new request for you.
- Type the URL in the bar at the top. Pick a method. Add headers / params / body in the tabs below the URL.
- Hit ⌘ ↵ to send. The response viewer fills the right side — Pretty / Headers / Request / Raw tabs.
- Use ⌘ F inside the Pretty tab to search the JSON tree.
Environments + encryption
Open the env picker in the URL bar (or run "Manage envs & variables" from the palette) to create dev / stage / prod environments for the active project. Each env carries a list of variables you can reference via {{name}} anywhere — URL, headers, body, auth.
For per-request differences (a different host on stage, a different API key on prod), use the Overrides tab. A small amber dot marks any tab that carries overrides for the active env.
Encryption
Right-click an env (or use the palette) and pick Enable encryption for {env}. You'll be asked to set a master password — zxcvbn grades it live with a "cracking time" line, and there's an explicit bypass checkbox for pro users. Apiovnia uses Argon2id (OWASP 2024 baseline) to derive a key and AES-256-GCM to seal the variable values and secret-bearing override fields.
The decryption key never crosses the IPC boundary. Idle auto-lock fires after 10 minutes. Locked envs trigger the unlock modal automatically — and the original Send / Copy / Export retries when the password is entered.
Keyboard shortcuts
| ⌘ P | Open the command palette |
| ⌘ K | Focus the left-panel filter |
| ⌘ N | New request |
| ⌘ ↵ | Send the current request |
| ⌘ 1 / ⌘ 2 / ⌘ 3 | Focus left filter / middle filter / URL bar |
| ⌘ , | Open Settings |
| ⌘ F | Search inside the Pretty JSON tree |
On Linux and Windows, Ctrl stands in for ⌘.
Import / export OpenAPI
Right-click a project → Import OpenAPI… to ingest a YAML or JSON spec. $ref request bodies are resolved and dummy values inferred from the schema. Multi-server specs become real Environments with per-request URL overrides.
Right-click a collection → Export OpenAPI… to save it as YAML with secrets replaced by typed placeholders. The OpLog panel (bottom-right, no auto-dismiss) shows per-request rows + warnings and lets you download a timestamped .log.
Troubleshooting
I changed my mind about my master password
A first-class change-password flow lands with Phase 10. Until then, the safest path is the obvious one: unlock the env, copy variable values out, disable encryption, re-enable with a new password, paste values back. Not elegant. Honest about it.
"database is locked" error
SQLite is single-writer with a 5-second busy timeout. If you see this, it usually means a long migration or external sqlite3 session is open against the DB. Close other readers and retry.
The dev window has no dock icon on Linux
That's a GNOME/KDE thing — the window manager associates icons via the installed .desktop file's StartupWMClass, which only exists after pnpm tauri:build + install. The dev window's icon itself is fine. Welcome to Linux.