Starlight Bridge middleware
The safe bridge between cloud software and local controls.
Cloudbeds, booking tools, lock platforms, Home Assistant, and local devices should not all share passwords or expose secrets. Starlight Bridge gives each system a controlled lane.
Cloudbeds-style hospitality bridge
A booking platform can send authorized reservation or status events to `api.starlightlabllc.com`. Starlight Bridge validates the event, fetches detail only when needed, maps rooms to local devices, and sends a sanitized event to Home Assistant.
- Booking system remains the source of truth.
- Home Assistant remains local and owner-controlled.
- Vendor secrets stay in the middleware runtime environment.
- Guest PINs and private guest data stay out of GitHub and dashboards.
Working product name
Recommended name: Starlight Bridge.
It is simple, descriptive, and fits the service: it bridges cloud software, local Home Assistant systems, vendor APIs, and real-world devices.
What the service includes
A real middleware service, not just a script.
To sell this as a business service, Starlight Bridge should become a repeatable product pattern: setup checklist, authorization flow, customer mapping, dry-run previews, logs, monitoring, backups, and support boundaries.
- API authorization and webhook setup.
- Event validation, retry handling, and failure alerts.
- Room, device, lock, sign, and climate mapping.
- Dry-run previews before live automation.
- Audit-safe logs without secrets or private guest data.
- Customer-specific deployment and support documentation.
Webhook intake
Fast public HTTPS endpoints for vendor callbacks, designed to acknowledge quickly and process safely.
Token handling
OAuth, API tokens, refresh logic, and secret storage belong in the private runtime environment.
Audit logs
Readable logs of what happened, why it happened, which rule made the decision, and whether it was preview-only or live.
Local delivery
Forward only safe, normalized events into Home Assistant, dashboards, vendor APIs, or local support tools.
Customer mapping
Map rooms, locks, thermostats, signs, cameras, staff roles, notification rules, and business-specific exceptions.
Support boundary
Keep the public website, API callback endpoint, customer runtime, and secrets clearly separated.