Your agents hit walls. We staff the gate.
CAPTCHA, login forms, 2FA prompts — auth challenges that block autonomous agents cold. Gatekeeper queues those sessions and routes them to a human operator who resolves the challenge in a live browser, then hands control back to your agent.
Interactive auth sessions and passive cryptographic verification.
Your agent creates a session pointed at a target URL. When the browser hits a login wall, CAPTCHA, or 2FA prompt, the session enters WAITING state. A human operator views the live browser stream, resolves the challenge, and marks it complete — returning cookies and tokens to your agent.
Submit a URL for passive verification. Gatekeeper browses the URL, captures a content hash, screenshot hash, and timestamps — then signs the attestation with its private key. Your agent receives proof of what the page contained at that moment in time.
Four steps from auth wall to agent access.
POST /auth/sessions with a target URL and a signed crypto payment. Gatekeeper returns a session ID, viewer URL, and proxy base.
A headless browser navigates the target. If it reaches auth-required content, the session state flips to WAITING and the viewer URL goes live.
An operator opens the viewer URL. They see the live browser, click through CAPTCHA/2FA, complete the login — then mark the session complete.
Cookies and session tokens are extracted and proxied back to your agent. The session transitions to COMPLETED and is available for purge.
Every session transitions through a strict state machine.
Session registered, payment verified
Browser hit an auth wall — human operator needed
Operator resolving challenge in live browser
Auth complete — cookies returned to agent
Terminal states: COMPLETED → PURGED · EXPIRED → PURGED · FAILED → PURGED
When a session cannot complete, the error code tells you exactly why. No ambiguous HTTP 500s.
CAPTCHA_UNSOLVABLE
Image CAPTCHA the operator cannot solve
TIMEOUT_HUMAN
No operator joined within the time window
SITE_2FA_REQUIRED
Site requires 2FA device not available
AUTH_BLOCKED
Account blocked or flagged by target site
PROXY_ERROR
Network routing failure to target
VERIFY_TIMEOUT
Verification page failed to load
Crypto-native. Pay per event, not per seat. Verified on-chain.
Paid when session is created. Covers browser provisioning regardless of outcome.
Paid only on successful auth completion. No charge if session expires or fails.
Per-URL passive verification with signed attestation. Flat rate per verify request.
One POST to create an auth session. Poll for state changes or use the viewer URL for human escalation.
# Create an auth session
curl -X POST https://gate.yiok.ai/auth/sessions \
-H "Content-Type: application/json" \
-H "X-Payment-TxHash: 0xabc...123" \
-H "X-Payment-Amount: 0.50" \
-d '{ "target_url": "https://example.com/login" }'
# Response
{
"session_id": "sess_abc123",
"state": "created",
"viewer_url": "https://gate.yiok.ai/viewer/sess_abc123?token=...",
"proxy_base_url": "https://gate.yiok.ai/auth/sessions/sess_abc123/proxy",
"time_remaining_seconds": 300
}
# Poll for state changes
curl https://gate.yiok.ai/auth/sessions/sess_abc123
# { "state": "waiting", "warnings": [] } → human needed
# { "state": "active", "warnings": [] } → operator joined
# { "state": "completed" } → cookies ready# Request cryptographic verification
curl -X POST https://gate.yiok.ai/verify \
-H "X-Payment-TxHash: 0xdef...456" \
-d '{ "target_url": "https://example.com/data", "wait_seconds": 5 }'
# Response — signed attestation
{
"verification_id": "ver_xyz789",
"target_url": "https://example.com/data",
"success": true,
"observed_at": "2026-02-19T12:00:00Z",
"content_hash": "sha256:e3b0c...",
"screenshot_hash": "sha256:a94a8...",
"attestation": { "url": "...", "timestamp": "...", "gateway": "0xPubKey" },
"signature": "0xSignedAttestation..."
}Sessions have configurable time windows. Expired sessions transition automatically — no stuck browsers, no leaked resources.
Gatekeeper is in active testing. Reach out if you're building automation that hits login walls, CAPTCHAs, or 2FA prompts.