Hoist AIAssets Sign in
HomeDocsQuickstart

Quickstart.

Hoist Assets is in its S1-gate validation sprint. The two surfaces you can use today: the in-browser sandbox against three fixture organisations, and the MCP server at mcp.assets.hoistai.com/mcp backed by the same fixtures. Real AFSA traffic, REST API, batch CSV, and the Due Diligence Record PDF land at S2-gate alongside the partner intermediary.

Sandbox liveMCP server liveLast updated 2026-05-20
Heads up. If you came here looking for curl https://api.assets.hoistai.com/v1/ppsr/search — that path isn't shipped yet. The REST API ships at S2-gate. Today you call the same tool shapes via MCP, against fixtures. See the REST API reference for the planned shape.

Path A — Try the sandbox in your browser

Fastest path to seeing what a response looks like. No signup, no card, no key.

  1. Open /sandbox.
  2. Pick a search type (PPSR organisation, PPSR serial-number, ABN lookup, GST registration check) and one of three fixture organisations (ACME Excavations, Totem Logistics, Clean Slate).
  3. Click Preview response. The JSON response shape is rendered client-side from canned fixtures — same fields your code will parse once the REST API ships at S2-gate.

That's it. Use the sandbox to shape your integration's parsing logic. Hashes and IDs in the preview are placeholders — live records get a real SHA-256 server-side at S2-gate.

Path B — Install the MCP server in your AI client

Connect your AI agent to the live MCP transport at mcp.assets.hoistai.com/mcp. The OAuth flow (RFC 6749 / 7591 DCR + PKCE + Resource Indicators) is live; today the tool surface is the fixture-backed sandbox. The PPSR/ABN tools listed below light up at S2-gate.

1. Pick your client

Install snippets for eight hosts: Claude Desktop, Claude (web), Cursor, Cline, ChatGPT, Gemini CLI, Codex CLI, and raw curl. Each page has a copy-paste snippet.

2. Authorise with Clerk

On first tool call your client redirects you to accounts.assets.hoistai.com (Clerk hosted sign-in) and then through the consent screen at /oauth/authorize. Grant the scopes your client requests; the Worker issues an access token bound to your client.

3. Run a fixture search

Ask your agent: "Run a PPSR organisation search on ACN 123 456 789 in sandbox mode." The agent calls the tool against MockRegisterProvider and gets back the same JSON shape as the sandbox page. Try ACN 987 654 321 (Totem — three current, one historic) or 222 333 444 (Clean Slate — no registrations) to see the other fixture paths.

What ships at S2-gate Roadmap

  • REST API at api.assets.hoistai.com/v1 — the endpoint shapes documented in /docs/api. Bearer API keys (hoist_live_…), scoped readonly/readwrite/batch.
  • Real AFSA traffic — PPSR organisation + serial-number searches at A$2 pass-through + A$0.50 workflow, billed against your subscription allowance.
  • Due Diligence Record — one-page signed PDF with SHA-256 hash and audit-chain ID, downloadable via /v1/records/{id}.pdf.
  • Batch CSV — up to 500 rows on Pro, unlimited on Team. CSV in, signed ZIP of records out.
  • ABN lookup + history + GST — A$0.10 per call against the ABR.
  • Webhooks — HMAC-SHA256 signed event payloads on the Team tier (search.completed, batch.completed, export.ready).
  • Published SDKs — TypeScript, Python, Ruby. Today the public repositories aren't published; we'll cut releases at S2-gate.

What next?

  • Read the MCP server docs for the tool surface, OAuth scopes, and the eight install paths.
  • Run the sandbox against the three fixture organisations.
  • Skim the planned REST API reference if you want to shape your integration code ahead of S2-gate.
  • Read the trust page if you've got procurement asking about AFSA B2G posture, data residency, or NPII boundary.