## POST /api/v2/private-networks

**Create Cloud VPS private network**

Create a private network for Cloud VPS workflows. `name` is required and capped at 100 characters. `parentCidr` is optional; when supplied it must be a `/21`. If omitted, the server allocates a parent range and creates the first `/24` subnet.

### Related Endpoints

- `GET /api/v2/private-networks`: List Cloud VPS private networks
- `GET /api/v2/private-networks/{id}`: Get private network details
- `GET /api/v2/vps/payg/limits`: Get Cloud VPS PAYG resource limits

### Headers

- `Accept`: application/json
- `Authorization`: Bearer YOUR_API_KEY
- Required API scope: `write:network`
- `Content-Type`: application/json

### Request Body

- `name` (string, required) Example: `production-private`
- `region` (string, optional) Example: `stockholm`
- `description` (string,null, optional) Example: `Private backend network`
- `parentCidr` (string, optional) Example: `10.42.0.0/21`

### Request Examples

#### Create with automatic CIDR allocation

```bash
curl -X POST "https://cloud.hostup.se/api/v2/private-networks" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "production-private",
    "region": "stockholm",
    "description": "Private backend network"
  }'
```

```json
{
  "name": "production-private",
  "region": "stockholm",
  "description": "Private backend network"
}
```

#### Create with explicit /21 CIDR

```bash
curl -X POST "https://cloud.hostup.se/api/v2/private-networks" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Accept: application/json" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "production-private",
    "region": "stockholm",
    "parentCidr": "10.42.0.0/21"
  }'
```

```json
{
  "name": "production-private",
  "region": "stockholm",
  "parentCidr": "10.42.0.0/21"
}
```

### Response Schema

- `id` (string, required) Example: `pnet_01hxa3b4c5d6e7f8g9h0j1k2m3`
- `name` (string, required) Example: `production-private`
- `parentCidr` (string, required) Example: `10.42.0.0/21`
- `region` (string,null, required) Example: `stockholm`
- `status` (string, required) Example: `active`
  Allowed values: provisioning, active, deprovisioning, retired, unknown
- `subnetCount` (number, required) Example: `1`
- `attachedVpsCount` (number, required) Example: `0`
- `subnets` (array<object>, required)
- `subnets[].id` (string, required) Example: `subnet_01hxa3b4c5d6e7f8g9h0j1k2m3`
- `subnets[].subnetCidr` (string, required) Example: `10.42.0.0/24`
- `subnets[].vlanTag` (number,null, required) Example: `253`
- `subnets[].gateway` (string,null, required) Example: `10.42.0.1`
- `subnets[].status` (string, required) Example: `active`
  Allowed values: provisioning, active, deprovisioning, retired, unknown
- `attachedVps` (array<object>, required)
- `attachedVps[].id` (string, required) Example: `vps_01hxa3b4c5d6e7f8g9h0j1k2m3`
- `attachedVps[].name` (string, required) Example: `web-01`
- `attachedVps[].primaryIp` (string,null, required) Example: `10.42.0.10`
- `actions` (object, required)
- `actions.canDelete` (object, required)
- `actions.canDelete.allowed` (boolean, required) Example: `true`
- `actions.canDelete.reason` (string,null, required) Example: `null`
- `actions.canAddSubnet` (object, required)
- `actions.canAddSubnet.allowed` (boolean, required) Example: `true`
- `actions.canAddSubnet.reason` (string,null, required) Example: `null`
- `createdAt` (string, required) Example: `2026-04-27T12:00:00.000Z`

### Responses

#### 201 - Private network created.
```json
{
  "id": "pnet_01hxa3b4c5d6e7f8g9h0j1k2m3",
  "name": "production-private",
  "parentCidr": "10.201.64.0/21",
  "region": "dc1r28",
  "status": "provisioning",
  "subnetCount": 1,
  "attachedVpsCount": 0,
  "subnets": [
    {
      "id": "subnet_01hxa3b4c5d6e7f8g9h0j1k2m3",
      "subnetCidr": "10.201.64.0/24",
      "vlanTag": 253,
      "gateway": "203.0.113.10",
      "status": "provisioning"
    }
  ],
  "attachedVps": [],
  "actions": {
    "canDelete": {
      "allowed": false,
      "reason": "Retire all child subnets before deleting."
    },
    "canAddSubnet": {
      "allowed": false,
      "reason": "Private network limit reached."
    }
  },
  "createdAt": "2026-04-27T12:00:00.000Z"
}
```

#### 400 - Invalid request. The response body is an RFC 7807 Problem Details document.
```json
{
  "type": "https://developer.hostup.se/errors/invalid_request",
  "title": "Invalid request",
  "status": 400,
  "detail": "The request body failed validation.",
  "code": "invalid_request",
  "instance": "/api/v2/resource",
  "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3",
  "timestamp": "2026-04-27T12:34:56.000Z",
  "errors": [
    {
      "pointer": "/items/0/domainName",
      "detail": "`domainName` is required.",
      "code": "invalid_request"
    }
  ]
}
```

#### 401 - Unauthorized. Authentication is required.
```json
{
  "type": "https://developer.hostup.se/errors/unauthorized",
  "title": "Unauthorized",
  "status": 401,
  "detail": "Authentication is required.",
  "code": "unauthorized",
  "instance": "/api/v2/resource",
  "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3",
  "timestamp": "2026-04-27T12:34:56.000Z"
}
```

#### 403 - Forbidden. The caller lacks a required scope or does not own the resource.
```json
{
  "type": "https://developer.hostup.se/errors/forbidden",
  "title": "Forbidden",
  "status": 403,
  "detail": "The caller lacks a required scope or does not own the resource.",
  "code": "forbidden",
  "instance": "/api/v2/resource",
  "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3",
  "timestamp": "2026-04-27T12:34:56.000Z"
}
```

#### 404 - Not found. The resource does not exist or is not owned by the caller.
```json
{
  "type": "https://developer.hostup.se/errors/not_found",
  "title": "Not found",
  "status": 404,
  "detail": "The requested resource could not be found.",
  "code": "not_found",
  "instance": "/api/v2/resource",
  "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3",
  "timestamp": "2026-04-27T12:34:56.000Z"
}
```

#### 429 - Rate limited. Retry after the limit resets. 429 responses include `Retry-After` seconds plus `X-RateLimit-*` headers.
```json
{
  "type": "https://developer.hostup.se/errors/rate_limit_exceeded",
  "title": "Too many requests",
  "status": 429,
  "detail": "Too many requests. Retry after the limit resets.",
  "code": "rate_limit_exceeded",
  "instance": "/api/v2/resource",
  "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3",
  "timestamp": "2026-04-27T12:34:56.000Z"
}
```

#### 500 - Internal error. Retry later or contact support if the issue persists.
```json
{
  "type": "https://developer.hostup.se/errors/internal_error",
  "title": "Internal server error",
  "status": 500,
  "detail": "An unexpected error occurred. Retry later or contact support if the issue persists.",
  "code": "internal_error",
  "instance": "/api/v2/resource",
  "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3",
  "timestamp": "2026-04-27T12:34:56.000Z"
}
```