Headless forms
One endpoint. Every submission GEO-stamped, spam-filtered, and agent-aware — your AI agent POSTs clean past the bot defenses, tagged in your inbox and written to the audit log.
→ call it liveThree things your agents need, one backend: form endpoints they POST to and sail past the bot defenses, real mailboxes they send, receive, reply, and read OTP codes from, and disposable inboxes for testing email in CI. One token system, one OpenAPI spec they read themselves.
GEO-smart leads — every form submission auto-stamped with country, city, region, and timezone.
Try the live demo on the right → submit, watch the geo light up.
Or call the API live ↓ — all three capabilities, real endpoints.
A real ollastack submission shape. Your location gets stamped on the row automatically — same as every form you'd ship.
Forms in, mail out — one backend, one token system, one console. Each surface is in the OpenAPI spec your agent reads itself.
One endpoint. Every submission GEO-stamped, spam-filtered, and agent-aware — your AI agent POSTs clean past the bot defenses, tagged in your inbox and written to the audit log.
→ call it liveReal email inboxes your agents own: pick an identity (hello@ollastack.com), then send, receive, and reply over the API — inbound is spam-filtered, so the inbox stays clean.
→ /docs/agent-mailDisposable inboxes on @test.ollastack.com: /wait for the email, read codes[0] (the OTP), assert. Unfiltered — a test sees every message.
→ /docs/agent-mailReact to what comes in, triage it with AI, and run it as a team — without standing up a single consumer service.
Auto-tag a lead, route an urgent enquiry to Slack or email, auto-reply to an invoice request — rules run server-side the moment a submission or email lands.
→ /docs/workflow-rulesCategory, sentiment, urgency, a one-line summary, and a suggested reply on every lead and email — on demand, as a rule action, or auto-run on each inbound message.
→ /docs/workflow-rulesInvite teammates into a shared workspace with the right access — owner, admin, member, or a read-only viewer for clients and stakeholders.
→ /docs/teamsGroup forms and agent mailboxes by client, product, or environment — one tidy workspace per project, with file uploads handled by presigned storage.
→ /docs/projectsForms in, mail out, inboxes your agents own. The Forms and Test-inbox demos run for real, right here — no key, no signup. The Agent Mail send is the exact endpoint; copy it into your terminal with a token.
$ curl -X POST https://login.ollastack.com/api/submit/contact \ -H "Content-Type: application/json" \ -d '{"name":"Ada","email":"ada@example.com","message":"Tell me more"}'
# the response shows here — geo (country / city / lat-long) is
# auto-stamped server-side from Cloudflare visitor headers Same URL serves your AI agent, your static HTML form, your React app, your mobile client. Pick a tab.
$ curl -X POST https://login.ollastack.com/api/submit/contact \
-H "Authorization: Bearer fmd_" \
-H "Content-Type: application/json" \
-d '{"name":"Ada","message":"hi"}'
{"success": true, "id": "sub_8f2…", "country": "IN", "city": "Mumbai"}
# tagged in the inbox with the agent's label
# every call recorded in the audit log
# geo auto-attached — country / city / region / lat-long / timezone
Three small steps. One curl block. Your agent is sending real submissions before your coffee cools.
Sign up, click Create form, name it. Your endpoint URL is yours immediately — no review, no approval queue.
→ create your first formDashboard → Settings → API tokens → New agent token. Scoped, labelled, audited. Hand it to your agent.
→ /docs/agentsOne Bearer-authed POST and the submission lands in your inbox, tagged with the agent's label, with every call written to the audit log.
→ /docs#fetchDesigned for AI-agent traffic from the ground up. Almost the whole surface is yours from your first token — sending from your own domain is the one paid-plan extra.
Agent-typed tokens with a label, an audit log of every call, and a 🤖 stamp on the submissions they create. Scoped to your account. Revocable in one click.
Honeypot, rate limits, and CAPTCHA apply to anonymous browser traffic. Bearer-authed agent submissions skip them — the token is the trust boundary.
Public /api/openapi.json — CORS-open, machine-readable. Agent frameworks consume it directly to discover endpoints, scopes, and response shapes.
Idempotency keys on every submit. HMAC-signed webhooks with full delivery history. Build retry-safe automations without double-posting downstream.
Tag, archive, filter by date. CSV, JSON, and Excel exports. Per-form analytics with geo and spam-rate breakdown.
Email notifications out of the box (from your own domain on paid plans). Slack, Discord, Telegram, Mailchimp native. Anything else via Zapier, Make, n8n, Activepieces — /docs/integrations.
ollastack is a developer surface, not a SaaS dashboard your customers log into. You hand your agent the API key and the OpenAPI spec, and it handles every form action — submit, read, tag, export, configure — through one endpoint. The dashboard is a thin console for token management and inbox triage. That's the entire product, on purpose.
Every tier includes the same core features — the monthly submission cap is the main difference (sending from your own domain is a paid-plan extra). No overage charges — if you hit the cap, submissions stop until next month or you upgrade.
For trying it out and side projects.
For developers shipping their first agent-backed form.
For teams running multiple agent integrations at volume.