// use case

Expose your Next.js dev server on a public HTTPS URL

next dev binds 0.0.0.0:3000 by default but stays inside your LAN. You need a [public HTTPS URL](/blog/expose-localhost-2026-guide) — for OAuth callbacks, Stripe webhooks, mobile testing, or sharing a preview. lrok wraps the dev server with one command and keeps HMR + WebSockets intact.

1
Run Next.js as usual
```
$ npm run dev   # http://localhost:3000
```

Tunnel it

$ lrok http 3000
  Forwarding https://violet-mole.lrok.io  ->  http://127.0.0.1:3000

3
Pin a stable URL with a reservation
Reserved subdomains are free on the lrok plan, so OAuth provider callbacks set once and stay set. Pass --hint to reuse the name.
```
$ lrok reserve mysite
$ lrok http 3000 --hint mysite
```
No allowedDevOrigins gymnastics
Next.js 16 added allowedDevOrigins to lock down the dev server; lrok hits it as a real HTTPS host header, so add your subdomain there once and you are done.

// why lrok for this

Next.js HMR is a WebSocket — tunnels that buffer or strip Upgrade headers break it. lrok proxies WS frames byte-for-byte. Real cert at the edge means NextAuth.js / Clerk / Stripe see https:// and stop complaining. (The edge TLS cert comes from Let's Encrypt via Traefik — see [reading Traefik ACME JSON](/blog/reading-traefik-acme-json) for how that works under the hood.) If you're wiring up product analytics alongside Clerk, see our [PostHog setup for a 2-person devtool](/blog/posthog-setup-for-tiny-devtool) for the exact config we shipped.

Start free Install the CLI See pricing

Expose your Next.js dev server on a public HTTPS URL

Run Next.js as usual

Tunnel it

Pin a stable URL with a reservation

No allowedDevOrigins gymnastics

Related workflows