Quick Start
Get VYREX running on Vercel with Discord integration in under 10 minutes.
- Fork or clone the repository to your GitHub account.
- Import to Vercel — go to vercel.com/new, choose your repo, and deploy.
- Add environment variables in Vercel → Project → Settings → Environment Variables. At minimum:
DISCORD_CLIENT_ID,DISCORD_CLIENT_SECRET,DISCORD_BOT_TOKEN,VYREX_OWNER_DISCORD_ID. - Set up Upstash Redis — create a free database at upstash.com and add
UPSTASH_REDIS_REST_URLandUPSTASH_REDIS_REST_TOKEN. - Add OAuth redirect — in the Discord Developer Portal, under your app → OAuth2 → Redirects, add
https://your-domain.vercel.app/oauth-callback. - Redeploy so new env vars take effect. Then open
/dashboardand click Sync from Discord.
Deployment
VYREX is designed for Vercel but runs anywhere Node.js serverless functions are supported.
Vercel (recommended)
The root vercel.json handles all routing. Static files are served from the root directory; API functions live in api/.
{
"rewrites": [
{ "source": "/dashboard", "destination": "/dashboard.html" },
{ "source": "/api/discord-token", "destination": "/api/oauth?__op=discord-token" },
{ "source": "/api/bot-config", "destination": "/api/bot-config" }
]
}Self-hosted / other providers
Run npm install then serve static files with any web server and set up serverless functions using the provider's Node.js runtime. Ensure all /api/* paths route to the corresponding api/*.js files.
Environment Variables
All configuration is done through environment variables. Never commit secrets to your repository.
Discord (required)
| Variable | Required | Description |
|---|---|---|
| DISCORD_CLIENT_ID | Required | Your Discord application's client / application ID |
| DISCORD_CLIENT_SECRET | Required | OAuth2 client secret for token exchange |
| DISCORD_BOT_TOKEN | Required | Bot token from Discord Developer Portal → Bot → Token |
| DISCORD_APPLICATION_ID | Optional | Same as DISCORD_CLIENT_ID — used as fallback |
Access Control
| Variable | Required | Description |
|---|---|---|
| VYREX_OWNER_DISCORD_ID | Required | Founder Discord user ID — full platform access |
| VYREX_COOWNER_DISCORD_IDS | Optional | Comma-separated Owner-tier Discord IDs |
| VYREX_STAFF_DISCORD_IDS | Optional | Comma-separated Staff-tier Discord IDs |
| VYREX_DASH_API_KEY | Optional | Long random string for API key auth (no OAuth needed) |
Storage
| Variable | Required | Description |
|---|---|---|
| UPSTASH_REDIS_REST_URL | Recommended | Upstash Redis REST endpoint URL |
| UPSTASH_REDIS_REST_TOKEN | Recommended | Upstash Redis REST token |
| VYREX_ALLOW_MEMORY_FALLBACK | Optional | Set to true to allow in-memory fallback when Redis is unavailable |
Bot Setup
Configure your Discord application and bot token for full dashboard integration.
Creating your Discord Application
- Go to discord.com/developers/applications and click New Application.
- Under Bot, click Add Bot. Copy the token and add it as
DISCORD_BOT_TOKENon Vercel. - Under OAuth2 → General, copy the Client ID and Client Secret. Add them as
DISCORD_CLIENT_IDandDISCORD_CLIENT_SECRET. - Under OAuth2 → Redirects, add your deployment URL:
https://your-domain.vercel.app/oauth-callback. - Enable Presence Intent, Server Members Intent, and Message Content Intent under Bot → Privileged Gateway Intents.
Inviting the bot
Use the Add bot to Discord button on the homepage, or generate the invite URL manually:
https://discord.com/api/oauth2/authorize
?client_id=YOUR_CLIENT_ID
&permissions=8
&scope=bot%20applications.commandsBot Branding
Customise your bot's avatar, status, activity, and per-server nicknames from the dashboard.
Global Settings
Navigate to Dashboard → Bot Branding. Changes are saved to /api/bot-config (Redis-backed) and your local cache. Your bot worker reads these settings on startup or when you trigger a /reload command.
| Setting | Description |
|---|---|
| Avatar URL | PNG/JPG image URL. Your bot must have permissions to change its avatar via the API. |
| Banner URL | Profile banner (requires Discord Nitro on the bot account). |
| Global Nickname | Default display name across all servers (max 32 chars). |
| Brand Colour | Hex colour used in auto-generated embeds and the dashboard accent. |
| Activity Type | Watching, Playing, Listening to, Competing in, Streaming, or Custom. |
| Activity Text | Text shown after the activity type in the member list (max 128 chars). |
| Online Status | Online (green), Idle (yellow), Do Not Disturb (red), Invisible. |
Per-server Nicknames
In the Per-server Nicknames card, add rows for each server where you want a custom nickname. These are stored separately at /api/bot-config?guildId=SERVER_ID and can be read individually by your bot worker per guild.
POST /api/bot-config with {"guildId": "123", "nickname": "MyBot"} saves a per-guild config. GET /api/bot-config?guildId=123 retrieves it.Commands
VYREX supports both slash commands (/command) and the legacy text prefix (>command).
Core Commands
| Command | Description |
|---|---|
| /help | List all available commands with descriptions |
| /setup | Interactive server setup wizard (admin only) |
| /prefix <char> | Change the text command prefix for this server |
| /status | Show bot status, shard, and uptime |
| /reload | Reload bot config from /api/bot-config (owner only) |
| /ping | Show bot latency and Discord API response time |
| /ban <user> | Ban a user from the server |
| /kick <user> | Kick a user from the server |
| /mute <user> | Timeout a user (requires Moderate Members permission) |
| /warn <user> | Issue a warning (logged to audit) |
| /embed | Send a custom embed using the Embed Builder config |
Authentication
VYREX uses PKCE-based Discord OAuth and server-backed email/password sessions via Upstash Redis.
Discord OAuth (PKCE)
- User clicks Continue with Discord. The browser generates a 48-byte random code verifier.
- The SHA-256 hash of the verifier (code challenge) is sent to Discord's authorize URL.
- Discord redirects to
/oauth-callbackwith an auth code. - The callback calls
POST /api/discord-token, sending the code + verifier. The server exchanges these for an access token without the client_secret ever touching the browser. - The access token is used to call
GET /users/@meon Discord's API to get the user's ID and email.
Email + Password
Accounts are stored in Upstash Redis under vyrex:acc:<id>. Passwords are hashed server-side with scrypt. Sessions are 32-byte random tokens stored under vyrex:sess:<token> with a 30-day TTL.
Tier System
All role checks happen server-side in api/_lib/serverAccountTier.js:
| Tier | Access Level | Set via |
|---|---|---|
| Founder | Full platform access including Founder panel | VYREX_OWNER_DISCORD_ID |
| Owner | Team management, system ops, subscriptions | VYREX_COOWNER_DISCORD_IDS |
| Staff | Analytics, logs, admin accounts view | VYREX_STAFF_DISCORD_IDS |
| Member | Dashboard, commands, modules, automations | Everyone else |
Embed Builder
Build rich Discord embeds visually and export the JSON to use in any bot.
Using the Embed Builder
Navigate to Dashboard → Embed Builder. The live preview updates as you type. When done, click Copy JSON to get the payload.
JSON Output Format
{
"embeds": [{
"color": 5046271,
"author": { "name": "VYREX", "url": "https://vyrex.gg" },
"title": "Embed Title",
"description": "Your **markdown** text here.",
"fields": [
{ "name": "Field 1", "value": "Value 1", "inline": true },
{ "name": "Field 2", "value": "Value 2", "inline": true }
],
"footer": { "text": "VYREX Bot" },
"timestamp": "2025-01-01T00:00:00.000Z"
}]
}Quick Presets
8 built-in presets: Welcome, Announcement, Warning, Success, Error, Info, Rules, Event. Click any to load it into the builder.
Team & Roles
Manage your platform team using Discord ID allowlists on Vercel environment variables.
Adding Team Members
- Get the team member's Discord user ID (right-click their name in Discord → Copy User ID, with Developer Mode on).
- Add the ID to
VYREX_COOWNER_DISCORD_IDS(Owner) orVYREX_STAFF_DISCORD_IDS(Staff) on Vercel — comma-separated for multiple IDs. - Redeploy the project. The team member can now sign in with Discord and access their tier-appropriate sections.
VYREX_OWNER_DISCORD_ID. It cannot be shared or transferred.API Overview
All VYREX API routes are serverless Node.js functions deployed alongside the static site.
Base URL
https://your-domain.vercel.app/api/Authentication
API routes accept two auth methods:
- API Key:
x-vyrex-api-key: YOUR_DASH_API_KEYheader — full access - Discord OAuth:
Authorization: Bearer DISCORD_ACCESS_TOKEN— access scoped by Discord ID tier
Available Routes
| Route | Method | Description |
|---|---|---|
| /api/health | GET | Service health check — no auth required |
| /api/discord-token | POST | Exchange Discord auth code for access token |
| /api/auth-accounts | GET/POST/PUT | User account management and sessions |
| /api/bot-snapshot | GET | Fetch bot's guilds from Discord API |
| /api/bot-config | GET/POST | Bot branding and per-server configuration |
| /api/workspace-store | GET/POST | Persist dashboard workspace state to Redis |
| /api/guild-plan | GET/POST | Manage per-guild billing plan |
| /api/connection-status | GET | Configuration and storage health summary |
| /api/connection-selftest | GET | Full self-test with latency measurements |
Auth Endpoints
The /api/auth-accounts endpoint handles registration, login, sessions, and admin operations.
POST /api/auth-accounts — Register
{ "action": "register", "email": "user@example.com", "password": "secret", "displayName": "Alex" }POST /api/auth-accounts — Login
{ "action": "login", "email": "user@example.com", "password": "secret" }Returns: { "ok": true, "token": "SESSION_TOKEN", "account": {...}, "tier": "member" }
GET /api/auth-accounts?me=1
Requires Authorization: Bearer SESSION_TOKEN. Returns the current account and computed tier.
Bot Config API
Store and retrieve bot customisation settings per-guild or globally.
GET /api/bot-config
Returns global config. Append ?guildId=SERVER_ID for per-guild config.
POST /api/bot-config — Global
{
"activityType": "watching",
"activityText": "your server",
"onlineStatus": "online",
"brandColor": "#4d7cff",
"globalNick": "VYREX",
"avatarUrl": "https://cdn.example.com/avatar.png"
}Requires Founder or Owner auth (API key or elevated Discord ID).
POST /api/bot-config — Per-guild
{ "guildId": "1234567890", "nickname": "MyBot", "prefix": "!", "embedColor": "#00e894" }Requires any valid auth (Discord OAuth or API key).
FAQ
Common questions about VYREX setup and configuration.
Why does /api/bot-snapshot show 0 servers?
The bot snapshot requires DISCORD_BOT_TOKEN set on Vercel and a valid Discord or API key auth header. Sign in with Discord in the dashboard and click Sync from Discord.
My session expires — how do I extend it?
Sessions last 30 days (Redis TTL). The dashboard auto-refreshes the server session if you're active. Re-signing in creates a fresh session.
Can I run multiple bots from one dashboard?
Currently one bot token per deployment. To manage multiple bots, deploy separate instances of VYREX with different environment variables.
How do I enable Stripe billing?
Add STRIPE_SECRET_KEY, STRIPE_WEBHOOK_SECRET, STRIPE_PRICE_PRO, and STRIPE_PRICE_PREMIUM to Vercel. The /api/stripe-session handler is ready.
Troubleshooting
Common issues and how to fix them.
"Failed to fetch" on Discord sign-in
The /api/discord-token route is not reachable. Check: (1) the site is deployed on Vercel (not opened as a file), (2) DISCORD_CLIENT_SECRET is set, (3) the redirect URI in Discord Portal matches exactly.
Sessions not persisting across devices
Configure Upstash Redis. Without it, sessions are in-memory and lost on function cold starts.
Bot branding not applying to Discord
The dashboard saves config to /api/bot-config. Your bot worker must read this endpoint and call Discord's API to apply changes. The dashboard does not directly control Discord — it manages your config store.
Owner/Staff access not working
Make sure you signed in with Discord OAuth (not just email). The tier check compares your Discord user ID against the env var allowlists. After adding IDs, redeploy Vercel.