CSINT Research Workstation
Back to Pro Workspace
Secure sign-in

Pro Workspace · Sign-in

Sign in to Pro Workspace

Enter your email, type the code we send you, and use your Authenticator code if your account has it enabled.

You don't set a password. You just enter your email, and we send a one-time code to your inbox.

How it works

  1. 01Enter email
  2. 02Enter code
  3. 03Open Pro tools

Pilot access flow

Pro Workspace is not an open self-serve product yet. Access is opened manually after the use case and safety boundaries are clear.

01

Request pilot access

Send a short note with your intended use, team size and the verification workflow you want to test.

02

Short intro or written brief

If a live call is not convenient, a written project brief is enough; a short Google Meet can happen when useful.

03

Workspace access opens

If the fit is right, email-code sign-in is enabled. There is no public payment or automatic account creation.

04

Security and bug reporting

Bug, security issue, abuse or broken-source reports go through the support/security channel.

Request pilot accessReport security / bug

Email sign-in

Two steps: first enter your email and request a code, then enter the 12-digit code you receive. No password needed.

We'll email you the code.

API address: https://api.csintresearch.orgThis is CSINT's shared API address. You normally do not need to change it.

How is this kept secure?
  • 01The code arrives in your email; nobody can sign in without it.
  • 02Once you're in, no password or token is stored in your browser.
  • 03Enter the wrong code 3 times and it locks; just request a new one.
  • 04You can add an Authenticator: then a 6-digit code is also asked after the email code.

Safety note

Magic-link sign-in is safer: the code is sent by email and the session is stored as an HttpOnly cookie. The API token fields use localStorage, so do not use them on shared devices.

Advanced: operator token connectionThis section is not for normal users. Use it only for admin/operator fallback access, temporary testing or recovery.

Extra security

In production, the operator token should be used behind Cloudflare Access MFA. When MFA is enabled, Access must verify the operator first, then the token fallback can run.