Heimdall and Envoi are live

Stop rewriting the same backendon every new project.

Auth, transactional email, the social bit. The boring half of every product is solved. Drop it in, get back to the half that only you can build.

Read the docsSee what's live

Flat JSON. No SDK to install. The docs are the marketing.

Live today

The boring half, solved.

Heimdall and Envoi are the two pieces of every product you've already rebuilt three times. Drop them in, get back to the rest.

AUTH

Identity, scoped the way your customers need it

Per-tenant JWKS, RBAC that adapts per app, and an audit log that records reads — not just writes.

  • Platform API + per-app Consumer API, cryptographically isolated
  • Per-tenant JWKS so a leaked key never crosses customers
  • PATs with granular scopes, revocable per workspace
  • Immutable audit log including read operations
Read the Heimdall docs
POST /v1/auth/signin
{
  "aid": "app_f2a9",
  "sub": "usr_alice",
  "aud": "acme-prod",
  "roles": ["admin"],
  "iss": "https://...heimdall.../app_f2a9",
  "exp": 1748391600
}
kid: 3f:9a:...:02verified
adminmemberm2m
TRANSACTIONAL MAIL

Send from your domain, not ours

One RabbitMQ publish, one DKIM-signed email out the door. Handlebars templates, per-app namespaces, no HTTP footprint.

  • Per-domain DKIM keypair, AES-encrypted at rest
  • Event-only API: publish and move on, no HTTP to babysit
  • Handlebars templates with layouts and partials per app
  • Pluggable SMTP: SES, SendGrid, Mailgun, or an in-cluster relay
Read the Envoi docs
template: acme/welcome.hbs
Welcome, {{ name }}

Your workspace {{ slug }} is ready. DKIM-signed from your domain.

Open dashboard
Delivered
99.8%
Bounced
0.2%
DKIM
pass

Available with the lineup

The interesting half, bought with the boring half.

Schema-driven web data. A real social graph. Public-facing waitlists. Different shapes — an API, a primitive, a building block — sold together because they all run on the same workspace.

APIWEB DATA

Structured data from any URL, without selectors

You call it. You get JSON back. No UI to adopt.

POST a URL and a schema. An agent visits, extracts, and webhooks your endpoint. No scrapers, no CSS paths to patch.

  • Schema-driven extraction — LLM conforms to your JSON Schema
  • Webhook-first async pipeline, job ID returned immediately
  • Multi-strategy fallback: full HTML → simplified → metadata-only
See the Trawl pageOn the way — public preview ahead
POST /v1/extract
{
  "url": "news.ycombinator.com",
  "schema": {
    "title": "string",
    "points": "number",
    "comments": "number"
  },
  "webhook": "https://acme.com/hn"
}
Job delivered412ms
PRIMITIVESOCIAL GRAPH

Feeds, follows, and ranking without the rewrite

The mechanic other things sit on top of. You wire it into your product, you don't 'use' it.

Hybrid fan-out, pluggable ranking, and denormalized counters — the social layer your team keeps shipping late.

  • Hybrid fan-out: on-write under 1k followers, on-read beyond
  • Pluggable ranking with tunable weights per community
  • Threaded comments with configurable depth + reactions
See the Agora pageOn the way — architecture locked, ETA Q3
@riley
2m · building

Finally shipped the feed ranking refactor. 40% fewer reads on p99 and the graph stays warm.

♥ 214↩ 3224 comments
1,284 followers · fan-out hybrid
BUILDING BLOCKWAITLISTS

Signups that don’t live in a spreadsheet

A unit of product you adopt whole. Public API today; admin UX on the way.

Public signup API, admin dashboard, webhooks on every entry. Heimdall-native from the first list.

  • Public slug-based endpoints — no auth on the signup path
  • Webhooks + CSV export + live analytics without a separate stack
  • JSONB settings: custom fields and branding without migrations
See the Rally pagePublic API live · admin UX on the way
waitlist: beta-launch342 entries
alex@figma.comnow
jess@linear.app12s
rio@rippling.com2m
you@company.comJoin

One shared identity

One workspace.
One cookie. One mental model.

The lineup is sold together because it runs together. Sign in once at auth.productcraft.co and every product trusts the same session. Workspaces own the data; roles travel with the user.

  • auth_tokenOne httpOnly cookie on .productcraft.co — every API call carries it.
  • workspaceDomains, templates, lists, API keys: one boundary owns them all.
  • rolesOwner / admin / member seeded; custom roles per workspace from day one.
  • auditReads and writes recorded across every product, one timeline.

What's next

The roadmap, in three lines.

The lineup grows on purpose, not on the fortnight. Here's the next three things — the full plan lives on the roadmap.

  • Shipping · This quarter

    Rally admin UX

    The waitlist API is live; the admin surface in console.productcraft.co is the next thing landing.

  • Public preview · Next

    Trawl — schema-driven web data

    POST a URL + JSON Schema, webhook back. Closed dev today, public preview after the dispatcher hardening.

  • Locked · Q3

    Agora — social graph primitive

    Hybrid fan-out, pluggable ranking, denormalized counters. Architecture is locked; the build follows.

See the full roadmapWhat shipped recently
Pick a door

Drop in the boring half. Get back to the rest.

Heimdall and Envoi take an afternoon. The capabilities arrive as you need them, on the same workspace.

Read the docsStart with Heimdall