Developer Console
Sign in to manage your Agentic SSO applications.
DEVELOPER CONSOLE
Welcome to GEOstack.
You're now part of the agentic internet infrastructure. Here's everything you need to get started.
1. Register your app
Go to Applications → New Application. You'll get a client_id and client_secret.
2. Verify your domain
Add a DNS TXT record to prove ownership. Verified apps get a trust badge on the consent screen.
3. Integrate the consent flow
Redirect users to the consent URL. AI agents receive scoped Visas — OAuth for machines.
4. Read the docs
Full API reference with code examples in cURL, Node.js, and Python.
Overview
Your Agentic SSO at a glance.
0
Applications
0
Active Visas
0
Sessions
0
Events (24h)
Recent Events
| Event | App | Time |
|---|
Applications
Manage your partner apps.
| Name | Domain | Verified | Status | Created |
|---|
Visas
All visas issued across your applications.
| Agent | Scopes | Status | Issued | Last Used |
|---|
Event Log
Audit trail of all SSO operations.
| Type | Agent | Details | Time |
|---|
Webhooks
Get notified when things happen.
| URL | Events | Status | Last Fired |
|---|
API Keys
Stripe-style keys for machine-to-machine authentication.
Environment
PUBLISHABLE KEY
SECRET KEY
Save these now. The secret key will never be shown again.
Active Keys
| Key | Type | Environment | Last Used |
|---|
Sessions
Active MCP sessions across your applications.
| Agent | IP | Tools Used | Active | Started |
|---|
Analytics
Usage metrics and insights for your applications.
Today
0
API calls
This Week
0
API calls
This Month
0
API calls
Error Rate
0%
0 / 0 failed
Visa Activity
Agent Breakdown
Top Scopes
Peak Usage
Busiest Hour
—
No data yet
Prompt File
Define your app's Action Layer — the tools AI agents can use.
Validation
Edit the JSON and click Validate to check.
Tool Preview
Tools will appear here after validation.
Test Visa
Issue a short-lived visa to test your MCP tools from Claude, ChatGPT, or curl.
VISA TOKEN
MCP URL
Claude Desktop: Settings → MCP → Add → paste MCP URL
ChatGPT: Settings → MCP → Add Server → paste MCP URL
curl:
ChatGPT: Settings → MCP → Add Server → paste MCP URL
curl:
Expires in 1 hour. For testing only.
Connect Button
Copy-paste this button onto your website so users can connect from their AI chat.
Tool Console
Request / Response
Execute a tool to see the result.
Payment Layer (Stripe Connect)
Connect your Stripe account to accept payments through AI agents. GEOstack takes 5%.
Not Connected
Account:
Revenue
Tool usage and payment tracking across your apps.
Total Revenue
$0.00
Your Earnings (95%)
$0.00
Platform Fee (5%)
$0.00
Tool Calls
0
— % success
Tool Breakdown
| Tool | Calls | Errors | Revenue |
|---|---|---|---|
| No data yet | |||
Recent Tool Activity
No activity yet
Quick Start
Integrate Agentic SSO in under 5 minutes. Free.
1. Register your app
curl -X POST https://shadow.geostack.xyz/api/v1/sso-dash/apps \
-H "Authorization: Bearer YOUR_JWT" \
-H "Content-Type: application/json" \
-d '{
"app_name": "My SaaS",
"domain": "mysaas.com",
"redirect_uri": "https://mysaas.com/callback"
}'
# Returns: app_id + app_secret (save both!)
# Then generate API keys from the dashboard
# You'll get: geo_pk_live_xxx + geo_sk_live_xxx
2. Redirect users to the consent screen
https://geostack.xyz/sso?app_id=YOUR_APP_ID&redirect_uri=https://mysaas.com/callback&scopes=read:data,write:data&state=RANDOM_STATE
3. Validate a visa token
curl -X POST https://shadow.geostack.xyz/api/v1/sso/validate \
-H "Authorization: Bearer geo_sk_live_YOUR_SECRET_KEY" \
-H "Content-Type: application/json" \
-d '{"visa_token": "VISA_TOKEN_FROM_USER"}'
4. Set up a webhook (optional)
curl -X POST https://shadow.geostack.xyz/api/v1/sso-dash/webhooks \
-H "Authorization: Bearer geo_sk_live_YOUR_SECRET_KEY" \
-H "Content-Type: application/json" \
-d '{
"app_id": "YOUR_APP_ID",
"url": "https://mysaas.com/webhooks/geostack",
"events": ["visa.issued", "visa.revoked", "visa.validated"]
}'
1. Redirect user to consent screen
// In your app, redirect the user:
const consentUrl = new URL('https://geostack.xyz/sso');
consentUrl.searchParams.set('app_id', 'YOUR_APP_ID');
consentUrl.searchParams.set('redirect_uri', 'https://mysaas.com/callback');
consentUrl.searchParams.set('scopes', 'read:data,write:data');
consentUrl.searchParams.set('state', crypto.randomUUID());
res.redirect(consentUrl.toString());
2. Handle callback & validate visa
// In your callback route (e.g. /callback)
const visaToken = req.query.visa_token;
const state = req.query.state; // verify this matches!
const res = await fetch('https://shadow.geostack.xyz/api/v1/sso/validate', {
method: 'POST',
headers: {
'Authorization': 'Bearer geo_sk_live_YOUR_SECRET_KEY',
'Content-Type': 'application/json',
},
body: JSON.stringify({ visa_token: visaToken }),
});
const { data } = await res.json();
if (data.valid) {
console.log('Agent authorized:', data.scopes);
// Store visa_token for future agent requests
} else {
console.log('Denied:', data.error);
}
3. Verify webhook signatures
import crypto from 'node:crypto';
app.post('/webhooks/geostack', (req, res) => {
const signature = req.headers['x-geostack-signature'];
const expected = 'sha256=' + crypto
.createHmac('sha256', 'YOUR_WEBHOOK_SECRET')
.update(JSON.stringify(req.body))
.digest('hex');
if (signature !== expected) {
return res.status(401).send('Invalid signature');
}
const event = req.headers['x-geostack-event'];
console.log(`Event: ${event}`, req.body.data);
res.status(200).send('OK');
});
1. Redirect user to consent screen
from urllib.parse import urlencode
import uuid
params = urlencode({
'app_id': 'YOUR_APP_ID',
'redirect_uri': 'https://mysaas.com/callback',
'scopes': 'read:data,write:data',
'state': str(uuid.uuid4()),
})
consent_url = f'https://geostack.xyz/sso?{params}'
# redirect user to consent_url
2. Validate visa token
import requests
def validate_visa(visa_token: str) -> dict:
resp = requests.post(
'https://shadow.geostack.xyz/api/v1/sso/validate',
headers={
'Authorization': 'Bearer geo_sk_live_YOUR_SECRET_KEY',
'Content-Type': 'application/json',
},
json={'visa_token': visa_token},
)
return resp.json()['data']
result = validate_visa(visa_token)
if result['valid']:
print(f"Authorized: {result['scopes']}")
else:
print(f"Denied: {result['error']}")
3. Verify webhook signatures (Flask)
import hmac, hashlib
from flask import Flask, request
WEBHOOK_SECRET = 'YOUR_WEBHOOK_SECRET'
@app.route('/webhooks/geostack', methods=['POST'])
def handle_webhook():
sig = request.headers.get('X-GEOstack-Signature', '')
expected = 'sha256=' + hmac.new(
WEBHOOK_SECRET.encode(),
request.data,
hashlib.sha256
).hexdigest()
if not hmac.compare_digest(sig, expected):
return 'Invalid', 401
event = request.headers.get('X-GEOstack-Event')
print(f'Event: {event}', request.json['data'])
return 'OK', 200