GuildCo OTA Console
Secure admin access
Welcome back
Sign in to your admin account
or use a social provider
or continue with email
Forgot password?
Protected by rate limiting & account lockout.
Two-factor auth
Enter the 6-digit code from your authenticator app
Code refreshes in 30s
Lost your authenticator? Contact your administrator.
Set up two-factor auth
Scan this QR code with Google Authenticator, Authy, or any TOTP app

Or enter this backup key manually:

The Guild Co — OTA Console
tenant: (unset)
base: /
Navigation
ready
This dashboard supports both “manual testing” (no auth/CSRF) and hardened mode. If your backend enforces auth + csrf, set a token and fetch CSRF.
Last Request
Settings
Store tenant/base/auth locally in your browser.
If your dashboard is served from the same host as the API, leave blank.
Required for most admin + provisioning endpoints.
If DEV_MODE=true you can set token to: dev-admin-<tenantId>. 
Ready.
Firmware
Presign → upload to S3/CF → (optional) register metadata in DB.
If you upload .img.gz or .img.xz, the Linux client can stream-decompress to the inactive slot.
Firmware list
idchannelversionformatsizecreated
Rollouts
Create staged rollouts (percent-gated, deterministic hash).
Rollouts
idchannelversionpercentpausedcreated
Devices
List, blacklist/unblacklist, delete. (Most actions are admin-only.)
idchannelota_statelast_seenblacklisted
Provisioning
Batch tokens, import lists, issue tokens, and bootstrap simulation.
Create batch
Import CSV
Issue token
Bootstrap simulator (device-side)
Events
Loads via GET /admin/events (if implemented).
Metrics
Reads /metrics (Prometheus text format) and extracts a few key lines.
Highlights
Raw
Simulator
This is only useful if your backend supports a “proxy-mode” for device routes (e.g., headers like x-device-id / x-device-fingerprint) OR if you are serving this UI from a host with mTLS client cert in-browser (rare).
Tip: In hardened mode your mutation calls need: Authorization + x-csrf-token header + cookie set by /csrf-token.