MakeMySiteLiveMakeMySiteLive

Guide

How to deploy sites with the REST API

Last updated: 21 June 2026

MakeMySiteLive has a public REST API so you can create sites, deploy new versions, and manage domains from a script, a CI/CD pipeline, or your own tools — no dashboard clicks required. You authenticate with a scoped API key and call simple JSON endpoints. Here’s how to get from an API key to a live deploy.

What you’ll need

  • A MakeMySiteLive account (the first site is free — no credit card).
  • An API key created in the dashboard (Dashboard → API keys).
  • An HTTP client — curl, your CI runner, or any language’s HTTP library.
  • Your site as a .zip with an index.html at the root, ready to deploy.

Steps

  1. 1

    Create an API key

    In the dashboard, go to API keys and create one. Choose least-privilege scopes — account:read, sites:read, sites:write, sites:delete, or full access — and copy the key (it starts with mmsl_ and is shown only once).

  2. 2

    Authenticate your requests

    The API base URL is https://www.makemysitelive.com/api. Send your key on every request as the header: Authorization: Bearer mmsl_your_key. Send and receive JSON unless noted.

  3. 3

    List or create a site

    GET /v1/sites lists your sites with their live URLs. To make a new one, POST /v1/sites with a JSON body like {"subdomain":"my-site","name":"My Site"}. The first site is free; further sites use a paid slot.

  4. 4

    Deploy a ZIP

    POST /v1/sites/{id}/deploy with the raw .zip as the request body and the header Content-Type: application/zip (optionally X-File-Name: site.zip). The ZIP must contain a root index.html. The response confirms the new live version.

  5. 5

    Manage versions and settings

    Roll back with POST /v1/sites/{id}/rollback ({"version":N}); toggle password protection (paid sites) with PATCH /v1/sites/{id}/protection; check a name with GET /v1/check-subdomain?name=my-site; or remove a site with DELETE /v1/sites/{id}.

Frequently asked questions

How do I authenticate?

With a personal API key sent as an Authorization: Bearer header. Keys are scoped — account:read, sites:read, sites:write, and sites:delete, or full access — so you can grant least privilege to CI tokens. Create and revoke keys in the dashboard.

Is the deploy body JSON or a file?

For deploys, send the raw .zip bytes as the body with Content-Type: application/zip (not multipart form data and not JSON). All other endpoints use JSON request and response bodies.

What can the API do?

Read your account (GET /v1/me), list and inspect sites, create a site, deploy a new version, roll back, enable/disable password protection, convert a site’s tier, rename its subdomain, and delete it. It shares the same logic as the dashboard, so behaviour is identical.

How is this different from the MCP server?

The REST API is direct HTTP — ideal for scripts, CI/CD, and integrations. The MCP server wraps the same operations so AI assistants like Claude can do them conversationally. Same actions underneath; pick whichever fits your workflow. See the MCP guide for that path.

Related guides

How to make your website liveHow to host an HTML website for freeHow to put a ZIP file online as a website

Ready to go live?

Create a free account and publish your first site in 2 minutes.

Get started free

More: all guides · comparisons · pricing