# Tokay documentation

Everything Tokay does, explained. Start with the promise and your first deploy, then go deeper as your app grows.

## Start here

- [What is Tokay](what-is-tokay.md). The promise, the four service types, and what your account includes.
- [Your first deploy](your-first-deploy.md). Paste code, get a live service. Start here with code in hand.
- [Deploy from Git](deploy-from-git.md). Push to a Tokay hosted repo.
- [Deploy from GitHub](deploy-from-github.md). Connect a GitHub repo and keep working there.
- [Deploy with an AI agent](deploy-with-an-ai-agent.md). Hand the whole job to an agent, and why that's safe here.
- [Which service type is my code?](which-service-type.md) Web app, scheduled job, webhook, or worker.
- [Supported languages and stacks](languages-and-stacks.md). What Tokay detects and runs.

## How Tokay works

- [How Tokay is organized](how-tokay-is-organized.md). Workspaces, projects, services, and code, and what shares what.
- [How Tokay sets up your app](how-tokay-sets-up-your-app.md). What's detected, what you review, and what stays predictable.
- [Permissions](permissions.md). Who can reach what, and what each credential can do.
- [Your server](your-server.md). The dedicated VM everything runs on.

## Your services

- [Web apps](web-apps.md). URLs, HTTPS, zero downtime updates.
- [Scheduled jobs](scheduled-jobs.md). Plain language schedules, run history, failure alerts.
- [Webhooks](webhooks.md). Your URL, request logs, testing and replay.
- [Background workers](background-workers.md). Kept alive, restarted, swapped cleanly.

## Working with your app

- [Secrets and environment variables](secrets-and-environment-variables.md). Encrypted storage, runtime delivery, never in code or logs.
- [Databases](databases.md). Created when needed, queryable in the browser, exportable always.
- [Database migrations](database-migrations.md). Rehearsed on a copy before production, snapshots, confirmation for destructive changes.
- [Deploys, updates, and rollback](deploys-and-rollback.md). The pipeline, zero downtime cutover, one click restore.
- [Files and persistent storage](persistent-storage.md). What survives a deploy and how to keep uploads safe.
- [Service files](service-files.md). Browse, download, upload, and rescue files without SSH.
- [One-off tasks](one-off-tasks.md). Run a maintenance command in your app's own environment.
- [Editing your code](editing-your-code.md). Browser editing, git, and the one way door between them.
- [Logs and debugging](logs-and-debugging.md). Live logs, plain English errors, Copy for AI.
- [Projects and organization](projects.md). Grouping, dashboards, deploy all, auto-deploy.
- [Pause and resume](pause-and-resume.md). Stop a service without losing anything.
- [Deleting and restoring](deleting-and-restoring.md). The 30-day trash.

## Access and domains

- [Who can open your app](who-can-open-your-app.md). Public by default, coworkers by magic link, and the access log.
- [Public endpoints](public-endpoints.md). Keep an app private while one path stays public.
- [Machine tokens](machine-tokens.md). Let scripts and CI call your protected apps.
- [Custom domains](custom-domains.md). Your apps on your domain.

## Account

- [Workspaces and members](workspaces-and-members.md). Teams, roles, invitations.
- [SSH keys and git tokens](ssh-keys-and-git-tokens.md). Credentials for pushing code.
- [Security](security.md). The isolation model and everything else the security reviewer asks.

## For AI agents

- [For AI agents](for-ai-agents.md). Credentials, the deploy loop, and what's stable to rely on. Written for the agent.
- [Files and one-off tasks for agents](agent-files-and-tasks.md). SAVED vs CURRENT scopes, file tickets, live file rescue, and runServiceTask. Written for the agent.
- [Operating and recovering services for agents](agent-operations.md). Logs, failure diagnosis, runs and test events, pause, rollback, and the trash. Written for the agent.
- [Managed databases for agents](agent-databases.md). The query envelope, exports, credential rotation, and snapshots. Written for the agent.
- [Releases and migration safety for agents](agent-releases.md). Rehearsal evidence, confirming parked releases, and the safety dial. Written for the agent.
- [App access control for agents](agent-access.md). Private projects, visitors, public endpoints, and machine tokens. Written for the agent.
- [Identity and permissions for agents](agent-identity.md). Scoped bot identities, grant actions, and reading denials. Written for the agent.

## When something's wrong

- [Troubleshooting](troubleshooting.md). Symptom first fixes.

Can't find it? Email hello@tokay.io.
