The rules for turning apps into agent APIs.

By creating an account or using Ejector, you agree to these Terms and to our Privacy Policy. If you're using Ejector for an organization, you confirm you have authority to bind it.

Ejector analyzes a web app you connect — via its source code, a supported platform, or live network traffic — and generates an agent-callable API for it: an OpenAPI 3.1 spec and an MCP server. You may optionally route agent calls through our managed proxy, which injects your credentials and handles auth, or run that yourself via the self-hosted proxy or direct auth patch.

You're responsible for your account, your API keys, and all activity under them. Keep your keys secret; rotate or revoke them from Settings if exposed. Tell us promptly about any unauthorized use.

This is the most important section. You may only use Ejector to eject apps you're entitled to:

• Ownership / authorization required. Connect only repositories, platform accounts, and live URLs that you own or are explicitly authorized to access and automate.
• Domain verification for capture.Generating an API from a live site's network traffic requires proving control of that domain (DNS or well-known file). Don't attempt to capture or build APIs against apps you don't control.
• Respect the target.Don't use Ejector to circumvent a third party's terms, rate limits, access controls, or applicable law, or to scrape or attack systems.
• No abuse of the platform.No attempts to break tenant isolation, exfiltrate other users' data, overwhelm the service, or resell access in violation of these terms.

When you add server-side credentials, you authorize Ejector's proxy to use them to act as your app on behalf of your agents. Calls are real and can read, write, and trigger actions — including, where you enable it, payments. You are solely responsible for what your agents do, for scoping the credentials you provide, and for the consequences of those actions.

You retain all rights to your source code, generated specs, and credentials. You grant Ejector a limited, revocable license to process them solely to provide the service — analyze your app, serve its spec/MCP, and proxy calls you direct. We claim no ownership and, as stated in the Privacy Policy, don't use them to train models. Removing a source or deleting your account revokes this license.

• Paid plans are billed through Stripe on a monthly or annual cycle.
• Agent calls through the managed proxy are metered against your plan. Usage beyond your plan is billed as overage at the rate shown on the Pricing page, or you can upgrade.
• Self-hosted modes (you run the proxy, or apply the direct auth patch) aren't in our request path and aren't per-call metered — they run on flat plan pricing.
• Fees are exclusive of taxes. You can upgrade, downgrade, or cancel anytime; annual plans are prorated.

The self-hosted proxy generator and auth patch produce code that runs on yourinfrastructure. Once deployed, Ejector isn't in the path: we don't control, secure, or have visibility into those deployments, and they're provided as-is for you to operate and secure.

We work hard on reliability but Ejector is provided “as is”without warranties of any kind. Extraction is best-effort: generated specs may be incomplete or imperfect, and capture results depend on the target app. Beta features may change or be removed. You're responsible for reviewing generated APIs before relying on them in production.

To the maximum extent permitted by law, Ejector isn't liable for indirect, incidental, or consequential damages, or for actions your agents take through APIs you create. Our total liability for any claim is limited to the amount you paid us in the three months before the claim.

You agree to indemnify Ejector against claims arising from your use of the service in breach of these terms — in particular, connecting or automating apps you weren't authorized to, or your agents' actions through the APIs you create.

You can stop using Ejector and delete your account anytime. We may suspend or terminate access for breach of these terms — especially unauthorized targeting of apps you don't control or attempts to compromise the platform — generally with notice where practical.

We may update these terms; material changes will be reflected in the date above and, when significant, announced to account holders. Continued use means acceptance. Questions: legal@ejector.dev.