Broch Documentation
Broch exposes your local services to the internet securely — receive webhooks, share work in progress, and test integrations without deploying.
Using Broch
Section titled “Using Broch”Already have access to a Broch server? Start here.
- Broch-Hosted Trial — Use the Broch-hosted server at trial.broch.io
- CLI Reference — Command reference and common use cases
Sharing
Section titled “Sharing”Expose local services through your Broch server.
- Sharing Local Services — Create tunnels and read the live request log
- Scenarios — Webhooks, demos, mobile testing, and more
- Proxy Behavior & Limitations — How Broch forwards requests, and what it doesn’t
Self-Hosting
Section titled “Self-Hosting”Deploy your own Broch server for your team or organization.
- Overview & Checklist — Plan your deployment before you start
- Choose Your Platform — Docker Compose, Azure, AWS, DigitalOcean
- Database — Embedded vs. external PostgreSQL
- Wildcard Domain & DNS — Set up your tunnel domain
- TLS Certificates — Wildcard certificate setup by platform
- Ingress & Reverse Proxy — Put Broch behind your load balancer or proxy
- Licensing — Get a license for your deployment, starting with a 15-day free trial
- First-Run Setup — What happens in the app after the server boots
- Upgrading — Roll a deployment forward (and back) safely
Identity Providers
Section titled “Identity Providers”Configure SSO for your Broch deployment.
Administration
Section titled “Administration”Operate a self-hosted server — users, share policies, and settings.
- First Login — Initial setup after deploying your server
- Users & Seats — Manage who can create tunnels
- Share Policies — Restrict who can reach tunnels by IP network, HTTP header, or both
- Services — Register backend services
- Configuration — Server settings
Configuration
Section titled “Configuration”- Environment Variables — Complete server configuration reference
- Health Checks — Liveness and readiness endpoints, and how to probe them
Security
Section titled “Security”- Security Overview — Zero-trust architecture, customer-owned at-rest encryption, and the shared-responsibility model