API-FIRST · AGENT FORMS · MAILBOXES · EMAIL TESTING

Forms, mailboxes & email testing,
built for your AI agents.

Three things your agents need, one backend: form endpoints they POST to and sail past the bot defenses, real mailboxes they send, receive, reply, and read OTP codes from, and disposable inboxes for testing email in CI. One token system, one OpenAPI spec they read themselves.

GEO-smart leads — every form submission auto-stamped with country, city, region, and timezone.

Start free Read the docs

Try the live demo on the right → submit, watch the geo light up.

Or call the API live ↓ — all three capabilities, real endpoints.

/ one platform

Everything your agents can do.

Forms in, mail out — one backend, one token system, one console. Each surface is in the OpenAPI spec your agent reads itself.

forms

Headless forms

One endpoint. Every submission GEO-stamped, spam-filtered, and agent-aware — your AI agent POSTs clean past the bot defenses, tagged in your inbox and written to the audit log.

→ call it live

agent mail · 🤖

Agent Mail

Real email inboxes your agents own: pick an identity (support@agent.ollastack.com), then send, receive, and reply over the API — inbound is spam-filtered, so the inbox stays clean.

→ /docs/agent-mail

test inboxes

Mail testing for CI

Disposable inboxes on @test.ollastack.com: /wait for the email, read codes[0] (the OTP), assert. Unfiltered — a test sees every message.

→ /docs/agent-mail

/ api-first · call it now

Three capabilities. One API. Call them live.

Forms in, mail out, inboxes your agents own. The Forms and Test-inbox demos run for real, right here — no key, no signup. The Agent Mail send is the exact endpoint; copy it into your terminal with a token.

self-describing · openapi.json ↗

$ curl -X POST https://login.ollastack.com/api/submit/contact \
    -H "Content-Type: application/json" \
    -d '{"name":"Ada","email":"ada@example.com","message":"Tell me more"}'

live sandbox · no token needed

# the response shows here — geo (country / city / lat-long) is
# auto-stamped server-side from Cloudflare visitor headers

# claim your agent's identity, then send as it
$ curl https://login.ollastack.com/api/mailboxes/check-handle?handle=support \
    -H "Authorization: Bearer fmd_<token>"
$ curl -X POST https://login.ollastack.com/api/mailboxes \
    -H "Authorization: Bearer fmd_<token>" \
    -d '{"name":"Support","mode":"agent","handle":"support"}'
$ curl -X POST .../mailboxes/$ID/send \
    -d '{"to":"lead@acme.com","subject":"Re: your demo","text":"…"}'

needs a mail token · runs in your terminal

{"success": true, "data": {
  "address": "support@agent.ollastack.com",
  "direction": "outbound", "deliveryStatus": "sent"}}
# sends AS your chosen identity · inbound is spam-filtered
# poll GET .../wait for replies — it never returns spam

# disposable inbox → wait for the email → read the OTP
$ curl -X POST https://login.ollastack.com/api/mailboxes \
    -H "Authorization: Bearer fmd_<token>" \
    -d '{"name":"signup-ci","mode":"test"}'
$ curl ".../mailboxes/$ID/wait?timeout=55" \
    -H "Authorization: Bearer fmd_<token>"

live · no token needed

# click Run — the live engine generates a verification email,
# parses it, and extracts the OTP, exactly like /wait + codes[0] in CI

Full reference + 3 SDKs in the docs — the whole surface is in /api/openapi.json, CORS-open so your agent reads it itself.

/ drop-in code

One endpoint. Five ways to call it.

Same URL serves your AI agent, your static HTML form, your React app, your mobile client. Pick a tab.

$ ship an agent in 2 minutes

$ curl -X POST https://login.ollastack.com/api/submit/contact \
    -H "Authorization: Bearer fmd_<your-agent-token>" \
    -H "Content-Type: application/json" \
    -d '{"name":"Ada","message":"hi"}'

{"success": true, "id": "sub_8f2…", "country": "IN", "city": "Mumbai"}
# tagged in the inbox with the agent's label
# every call recorded in the audit log
# geo auto-attached — country / city / region / lat-long / timezone

$ curl -X POST https://login.ollastack.com/api/submit/contact \
    -H "Content-Type: application/json" \
    -d '{"name":"Ada","message":"hi"}'

{"success": true, "id": "sub_8f2…"}

await fetch("https://login.ollastack.com/api/submit/contact", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ name, email, message }),
});

<form action="https://login.ollastack.com/api/submit/contact" method="POST">
  <input name="email" type="email" required/>
  <textarea name="message" required></textarea>
  <button>Send</button>
</form>

import { useForm } from "@ollastack/react";

export function Contact() {
  const [state, handleSubmit] = useForm("contact");
  if (state.succeeded) return <p>Thanks!</p>;
  return (
    <form onSubmit={handleSubmit}>...</form>
  );
}

Connects to Gmail, Sheets, Notion, Slack, HubSpot — and 1,000+ more via Zapier, Make, n8n, Activepieces — /docs/integrations.

/ two-minute onboarding

From API key to your first agent submission in two minutes.

Three small steps. One curl block. Your agent is sending real submissions before your coffee cools.

step 1 · 30 seconds

Create a form

→ create your first form

step 2 · 60 seconds

Mint an agent token

Dashboard → Settings → API tokens → New agent token. Scoped, labelled, audited. Hand it to your agent.

→ /docs/agents

step 3 · 30 seconds 🤖

Your agent POSTs

One Bearer-authed POST and the submission lands in your inbox, tagged with the agent's label, with every call written to the audit log.

→ /docs#fetch

/ why agents pick this

Every feature, on every plan.

Designed for AI-agent traffic from the ground up. The whole surface is yours from your first token.

Bearer tokens built for agents: Agent-typed tokens with a label, an audit log of every call, and a 🤖 stamp on the submissions they create. Scoped to your account. Revocable in one click.
Spam pipeline that respects authorisation: Honeypot, rate limits, and CAPTCHA apply to anonymous browser traffic. Bearer-authed agent submissions skip them — the token is the trust boundary.
Self-describing API: Public /api/openapi.json — CORS-open, machine-readable. Agent frameworks consume it directly to discover endpoints, scopes, and response shapes.
Idempotency + signed webhooks: Idempotency keys on every submit. HMAC-signed webhooks with full delivery history. Build retry-safe automations without double-posting downstream.
Inbox, analytics, exports: Tag, archive, filter by date. CSV, JSON, and Excel exports. Per-form analytics with geo and spam-rate breakdown.
Email + 1,000+ integrations: Email notifications from your own domain. Slack, Discord, Telegram, Mailchimp native. Anything else via Zapier, Make, n8n, Activepieces — /docs/integrations.

/ by design

Headless. By design.

ollastack is a developer surface, not a SaaS dashboard your customers log into. You hand your agent the API key and the OpenAPI spec, and it handles every form action — submit, read, tag, export, configure — through one endpoint. The dashboard is a thin console for token management and inbox triage. That's the entire product, on purpose.

/ pricing

Pricing. And what we're not.

Every tier includes every feature. The only thing that changes is the monthly submission cap. No overage charges — if you hit the cap, submissions stop until next month or you upgrade.

Free

$0 / month

For trying it out and side projects.

100 submissions / month
Unlimited forms
All features

Start free

Solo

$9 / month

For developers shipping their first agent-backed form.

1,000 submissions / month
Unlimited forms
All features

Get Solo

Team

$29 / month

For teams running multiple agent integrations at volume.

10,000 submissions / month
Unlimited forms
All features

Get Team

Stop fighting your form backend.

Mint a token, drop in a fetch call, ship. High-volume or custom needs? Talk to us.