⬡

PortAuthorityPass

🔗

Sign in to continue to

—

Control Center

Sign in to manage your identity and connected apps.

PortAuthorityPass
Stable
↩

Returning to

—

Overview

Platform Admin
?

—

—

—

Apps

—

accessible

Managed

—

you control

Quick Access

Loading…

Security Activity

Devices, networks, and link origins observed on your PAP account.

Stable

Live posture

See what looks normal — and what does not.

This feed tracks authenticated PAP activity using request metadata, browser hints, and Cloudflare edge headers when available. It is your early-warning panel for strange logins and unfamiliar regions.

Recent events 0
Countries seen 0
Watch hits 0

Origin map

Recent activity across the world

Waiting for activity

Recent events

Login and session signals

Easy phase: PAP + browser + Cloudflare headers. Rich ASN/VPN intelligence can be layered in later.

Loading security activity…

Derived signals

What stands out in this activity

Fast country changes, unusual referrers, and device churn are inferred locally from the recent feed.

Analyzing recent signals…

Route watch

Recent travel and path transitions

These hops are inferred from consecutive PAP sessions, not full packet-level traces.

Building route trace…

Apps

All apps connected to your PAP identity.

0

Loading apps…

Integration Docs

How to connect any app to PortAuthorityPass for authentication.

How it works

PortAuthorityPass (PAP) is a centralized auth gateway. Any app you own can delegate its login flow to PAP. Once a user is authenticated here, PAP redirects them back to your app. Your app then uses the Supabase session to verify who the user is.

1User visits your app and clicks "Sign in"
↓
2Your app redirects to PAP: https://auth.plabs.cloud/?return_to=https://yourapp.com
↓
3User signs in on PAP (or is already signed in)
↓
4PAP redirects back to your app's return_to URL
↓
5Your app reads the user's session using the shared Supabase client

Step 1 — Register your app (Admin only)

Go to Admin → Apps → + Add App. Fill in:

  • Name — display name shown in the portal
  • Slug — a unique lowercase ID, e.g. my-tool
  • Entry URL — the base URL of your app, e.g. https://mytool.plabs.cloud
  • Icon — optional emoji shown next to the app name

Once saved, the app appears in the platform and users with membership can access it.

Step 2 — Add your Supabase client

In your app, install @supabase/supabase-js and initialise it with the same project URL and anon key as PAP:

import { createClient } from '@supabase/supabase-js';

const supabase = createClient(
  'https://api.plabs.cloud',  // PAP Supabase URL
  'YOUR_ANON_KEY'              // from supabase/config.toml → anon key
);

Because both PAP and your app share the same Supabase project, the user's session cookie/token is valid in both places.

Step 3 — Redirect to PAP for login

Instead of a login form, send users to PAP with a return_to parameter:

// In your app — detect unauthenticated user, then:
window.location.href =
  'https://auth.plabs.cloud/?return_to=' +
  encodeURIComponent(window.location.href);

Step 4 — Read the user in your app

After PAP redirects back, call getSession() to confirm the user:

const { data: { session } } = await supabase.auth.getSession();
if (!session) {
  // Not authenticated — redirect to PAP
} else {
  const user = session.user;
  console.log('Logged in as', user.email);
}

Supabase credentials

Find these in supabase/config.toml or by running npx supabase status:

  • API URL: —
  • Anon Key: —

Settings

Profile

Username Unique across all apps. Cannot be changed yet.
—
Display name How your name appears in apps.
—

Profile QR + Sharing

Action mode Switch what people get when they scan your QR code from your PAP profile.
Invite permissions
These travel with your in-person Black Ledger invite card and are recorded when the invite is accepted.

Profile QR code preview
Current payload —

Profile sharing is ready.

Account

Email Your sign-in email address.
—

Password Change your sign-in password.
••••••••••••

Security

Active sessions You are currently signed in on this device.
1 session

Two-factor authentication Extra verification at sign-in.
Not configured Coming soon

Danger Zone

Delete account Permanently remove your account and all associated data. This cannot be undone.

Identity Links

Bio A short description shown on your profile.
—

Discord Link Two ways to link:
A) Go to #join in Ghost Ship 404 → click Get My Link Code → enter the code below.
B) Click Generate code here → go to #join in Discord → click I have a PAP code → enter the code.
Not linked
Your link code —

GitHub Your GitHub username.
—

Twitter / X Your Twitter / X handle.
—

👻 Ghost Encryption Keys

Key Status Ghost keys are generated and managed inside the Ghost app. PAP stores your public key so others can send you encrypted messages.
Checking… Manage keys in Ghost →
Devices Number of devices with an active Ghost key registered to your account.
—
Admin Control Center

Manage

Admin Overview

Platform Admin

Total Apps

—

on platform

Total Users

—

registered

Your Role

Admin

full access

User activity map

Where recent users are coming from

Waiting for activity
Active users 0
Locations seen 0
Apps touched 0

Who is using what

Recent users and app usage

Built from recent authenticated activity already captured by PAP.

Loading usage rollups…

Loading recent activity…

All Platform Apps

Loading…

Apps You Manage

Loading…

Stats

Platform usage analytics for who is using what, where, and how they are showing up.

Last 30 days

Usage map

Where platform usage is happening

Waiting for map data
Mapped locations 0
Mapped users 0
Mapped apps 0
Auto-centered to recent activity Click hotspots to filter + zoom Clusters collapse busy regions

Loading map…

Tracked Events

—

Loading analytics…

Momentum

Recent activity trend

Tracks authenticated PAP activity and app launches captured by the portal.

Loading trend…

Breakdowns

Apps, locations, devices

Useful for seeing which apps are winning and how users are showing up.

Loading breakdowns…

People

Who is using what

Per-user snapshot with their most-used app, latest location/device, and recent event volume.

Loading user stats…

Users

Platform Admin

Loading users…

Apps

Register and manage all platform-connected applications.

Loading…

👾 Discord Server

Manage Ghost Ship 404 — channels, roles, embeds, and announcements.

Loading Discord info…

📣 Post Announcement

Posts to #announcements in Discord.

Setup Log


            

          


          
          

            

              

                
🐳 System Controller

                
All components — tiers, health, Docker containers. Owner-only actions require the @Owner role.

              

              
            


            
            

              ⏳
              Checking system controller…
            


            
            


            
            


            
            

              All Docker Containers
              

                
Click to load…

              

            


            
            

              

                
Logs

                
              

              

            

          


        

      

    


    
    

      

      

        

          

            
New App

            
Add Application

          

          
        

        

          
          

            
            
          

          

            
            
          

          

            
            
          

          

            
            
          

          

            
            
          

          

            
            
          

          

            
            
          

          

            
            
          

          

            
            
          

          

            
            
          

          

        

      

    


    
    

      

      

        
⚠

        
Delete your account?

        
This will permanently remove your account and all associated data from PortAuthorityPass. There is no way to undo this — your data cannot be recovered.

        

          
✕  All your profile data will be erased

          
✕  All connected apps will be unlinked

          
✕  You will be signed out immediately

        

        

          
          
        

        

      

    


    
    

      

      

        

          

            
User Details

            
—

          

          
        

        

      

    


    
    

      

      

        

          

            
Create PAP identity

            
Register

          

          
        

        

          

          
          
          
          
          
Already have an account? 

        

      

    


    
    

      

      

        

          

            
Welcome back

            
Sign in

          

          
        

        

          

          
          
          
          

          
No account? 

        

        
        

          

          
Enter your email and we'll send you a reset link.

          
          
          

        

      

    


    
    

      

        

          ⬡
        

        
PortAuthorityPass

        
Set new password

        
Choose a strong password for your account.