SuperImpress

Hosting & Domain Structure

Decision on subdomain layout for the SuperImpress platform

SuperImpress uses a subdomain-per-service layout under the superimpress.com domain.

Domain map

ServiceURLDescription
Frontendhttps://app.superimpress.comReact SPA — main user interface
Backendhttps://api.superimpress.comElysia API server
Docshttps://docs.superimpress.comTanStack Start + Fumadocs site

Why subdomains

  1. Clear separation of concerns: Each service is independently deployable and has its own subdomain, making routing, monitoring, and debugging straightforward.
  2. Independent scaling: Frontend, backend, and docs can be scaled and cached differently based on their traffic profiles.
  3. Simpler CORS configuration: A well-known API origin (api.) makes cross-origin rules explicit and easy to audit.
  4. Cookie isolation: Auth cookies can be scoped to app. while the API on api. uses token-based auth, reducing cookie leakage surface.
  5. Conventional naming: app. / api. / docs. is a widely recognised pattern that is intuitive for developers and end-users.

CORS and auth implications

  • The backend at api.superimpress.com must allowlist https://app.superimpress.com as a permitted origin.
  • Credentials (cookies/tokens) must be forwarded cross-origin; the backend CORS config needs credentials: true.
  • The docs site is public and does not require CORS configuration against the API.

References

Environment Variable Validation

Decision to validate backend and frontend environment variables at startup

Bun - Fast JavaScript Runtime & Package Manager

Decision to use Bun for fast installs and unified tooling

On this page

Domain mapWhy subdomainsCORS and auth implicationsReferences