Turn any web app into an agent-callable API.

Your app was built for humans. Point Ejector at a codebase, a platform, or any live URL — it gives AI agents a clean, typed API to do everything your UI can: read data, change settings, even make payments. Agents call a real API, not a browser.

AI agentClaude · GPT · Cursor
ejector key
Ejectorauth + routing
user token
Your appyour servers
real action
DB / Stripe
An agent calls Ejector with one key — Ejector authenticates as the user and forwards to your live app. Reads, writes, even payments.

Works with the stacks, platforms & auth you already use

tRPCNext.jsExpressFastifyDjangoFastAPIGraphQLPrismaDrizzleNode.jstRPCNext.jsExpressFastifyDjangoFastAPIGraphQLPrismaDrizzleNode.js
StripeShopifyNotionWordPressWooCommerceAirtableFirebaseAuth0ClerkSupabaseStripeShopifyNotionWordPressWooCommerceAirtableFirebaseAuth0ClerkSupabase
Deep extraction

It finds the actions your API never exposed.

Ejector walks your code the way a compiler does — tRPC procedures, REST routes, server actions, database queries, webhooks. Including the operations that have no public API and were only ever reachable through the UI.

sourceextracted operationsyour-app / srcapi/checkout/route.tsRESTtrpc/router.tstRPCapp/actions.tsactiondb/queries.tsSQLhooks/stripe.tswebhookejectorparse · type · map authGETlistInvoicesPOSTcreateOrderPATCHupdateProfilePOSTrefundPaymentno public API — extracted anywayGETsearchProducts
Ejector parses the source, not the docs — every route, procedure, action, query, and webhook becomes a typed, callable operation.
How it works

Three steps from app to agent.

01

Connect your app

Point Ejector at a GitHub repo, a platform like Shopify or Stripe, or any live URL. It detects the stack and maps every endpoint, server action, and database query.

02

Configure & secure

Verify your domain, then choose exactly what agents can reach. Server-side keys are encrypted at rest (AES-256-GCM) — or self-host the proxy so they never leave your servers.

03

Agents go live

Get an OpenAPI spec and an MCP server. Any agent — Claude, Cursor, GPT — authenticates as a real user and does anything the UI can do.

Three engines, any app

However your app is built, Ejector has a way in.

Engine 01

Source Code

Point at a GitHub repo. AST analysis extracts tRPC, Next.js routes, server actions, DB queries, GraphQL, and Python backends.

input → GitHub URL or local path
Engine 02

Platform

Shopify, Stripe, Notion, WordPress and more — auto-detected from the URL. Their official API, wrapped as agent tools.

input → Just an API key
Engine 03

Network Capture

No repo, no problem. A headless browser navigates the live app and reverse-engineers the API from real traffic.

input → Any URL on the web
Customer Connect

Let your customers' agents act as themselves.

Drop one snippet into your app. Each customer signs in — or signs up — with their own login and gets a personal agent connection. Their AI does everything they could in your app, acting only as them. Per-customer keys, full isolation, instant revoke. Usage bills to you.

  • One embeddable widget — or a shareable link
  • Each customer connects their own account, fully isolated
  • You verify your domain first, so no one can impersonate your app
your-app.com/index.htmlhtml
<!-- one line in your app -->
<script src="https://ejector.dev/embed.js"
  data-ejector-key="ej_pub_…"
  data-label="Connect your AI agent" defer></script>
For the agent builder

One key. Every action. Real auth.

Your agent logs in with the user's own credentials and calls clean functions. Under the hood Ejector handles cookies, CSRF, sessions, and tokens — whatever the app needs.

  • Reads, writes, and payments — not just GETs
  • Reaches data your UI shows even when no API exposes it
  • Works with Supabase, Firebase, Auth0, Clerk, NextAuth
  • OpenAPI 3.1 + MCP + GPT Actions out of the box
agent.shshell
# one key. Ejector injects the user's session
# and forwards to your live app.
$ curl -X POST https://ejector.dev/api/proxy/<id> \
    -H "Authorization: Bearer ejector_…" \
    -d '{"endpoint":"/api/checkout","method":"POST",
         "body":{"plan":"pro"}}'
→ { "status": 200, "data": { "url":
    "https://checkout.stripe.com/…" } }

Make your app speak agent.

Connect your first app in two minutes. Everything your UI does becomes a clean API call.