Remote Access

Understand the risks

Beeper Desktop API is designed to be used locally on your computer. Exposing it to the internet can expose chat history and might allow others to send messages on your behalf. Please only continue if you understand the risks.

Beeper is not responsible for any consequences arising from exposing Beeper Desktop API to the internet.

By default, Beeper Desktop API and MCP server comes with limitations for security:

• The server binds to localhost, so only the local machine is allowed to connect.
• URLs in OpenAPI spec, OAuth discovery endpoints use http://localhost:23373 (or the custom port you set)
• CORS headers also limit access to the local machine

You can enable Remote Access in Settings → Developers → Beeper Desktop API → Advanced settings to expose the API to the internet. This will change the following:

• The server binds to 0.0.0.0, listening on every network interface, including VPNs and tunnel adapters.
• Base URL is computed from X-Forwarded-Host, X-Forwarded-Proto, and forwarded port headers when traffic arrives via a proxy or tunnel. If those headers are missing, it falls back to the direct host that reached your machine.
• OAuth discovery endpoints (/.well-known/...) allow cross-origin GET requests so they can be accessed and used by external services.

This allows you to tunnel/proxy traffic to your local machine and make sure everything works as expected. For example, this is required for PKCE authentication to work properly with external services like ChatGPT, n8n, Claude.ai, and more.

Tunneling

Beeper does not provide any tunneling services. Easiest way to expose the API to the internet is to use a third-party tunneling service like Cloudflare or Tailscale.

Cloudflare Quick Tunnels Ephemeral HTTPS URL over Cloudflare servers with minimal setup