A secure REST API that executes Playwright scripts on banking, payroll, and tax portals. Encrypted credentials, real-time monitoring, and validation summaries for every transaction.
Every job flows through a hardened pipeline with screenshots, validation, and real-time status updates at every stage.
External apps POST to /api/jobs/execute with service, tenant, and input parameters. Authenticated via API key or JWT.
Job enters the pg-boss queue with SKIP LOCKED concurrency. Worker picks it up, decrypts credentials, launches browser.
Playwright navigates the portal step-by-step: login, fill forms, click buttons, capture screenshots. Real-time updates via WebSocket.
Job completes with a structured validation summary: multi-stage checks, extracted data, screenshots, and pass/fail criteria.
Every feature designed around the reality of automating regulated financial portals where accuracy is non-negotiable.
Live job status, step completion events, and human-in-the-loop prompts streamed via PostgreSQL LISTEN/NOTIFY bridged to WebSocket.
Every job produces structured multi-stage checks: login verification, navigation confirmation, data submission, and result extraction.
Chain services together: payment → approve → balance check. Each link tracked with parent/child lineage and separate validation.
Isolated tenant workspaces with separate credentials, API keys, and job histories. Role-based credential sets for complex workflows.
Failed jobs can be retried with one click. Browser sessions persist across runs to skip re-authentication. Human-like interaction delays.
Every step captures a screenshot. HTML reports with timing, success criteria, and extracted data. Full audit trail for compliance.
Credentials and data are encrypted at rest and in transit. Every access is authenticated, every action is logged.
All portal credentials encrypted at rest with AES-256-GCM. Decrypted only in-memory during job execution, never logged or exposed via API.
API key auth for machine-to-machine integration. JWT Bearer tokens for the web UI with 15-minute access tokens and httpOnly refresh cookies.
Winston structured logging with automatic redaction of passwords, credentials, tokens, and API keys from all log output.
Each tenant's credentials, jobs, and data are fully isolated. API keys are scoped to a single tenant. No cross-tenant data leakage.
41 endpoints covering the full automation lifecycle. JSON by default, Protobuf for high-throughput integrations.
Get started with the sandbox, explore the API, or sign up to connect your services.