Getting started

Quickstart

Run the full stack locally — the hyperscaled-api backend plus this vanta-starter frontend — in about ten minutes.

What you'll need

Python 3.11+, Node 20+ with pnpm, Docker Desktop, and the Stripe CLI (only for testing payments/payouts locally).

1. Start Postgres & Redis

The API persists tenants, users, and payments in Postgres and uses Redis for caching/rate-limits.

hyperscaled-api

# from the hyperscaled-api repo root
docker compose up -d        # Postgres (5433) + Redis (6379)
docker compose ps

Port 5433, not 5432

The compose file maps Postgres to host port 5433 to avoid colliding with a native Postgres on 5432. Make sure V2_DATABASE_URL points at 5433.

2. Configure & migrate the API

hyperscaled-api

conda activate hyperscaled        # or your venv
pip install -e .

cp .env.example .env              # then fill in the values below
alembic upgrade head              # create all tables

hyperscaled-api/.env (essentials)

V2_DATABASE_URL=postgresql+asyncpg://hyperscaled:hyperscaled@localhost:5433/hyperscaled_api
V2_REDIS_URL=redis://localhost:6379/0
SESSION_ENCRYPTION_KEY=<openssl rand -base64 32>

# Stripe (test mode)
V2_STRIPE_SECRET_KEY=sk_test_...
V2_STRIPE_PUBLISHABLE_KEY=pk_test_...
V2_STRIPE_WEBHOOK_SECRET=whsec_...
V2_STRIPE_CONNECT_RETURN_URL=http://localhost:3000/dashboard/payouts
V2_STRIPE_CONNECT_REFRESH_URL=http://localhost:3000/dashboard/payouts

# Sumsub KYC
V2_SUMSUB_APP_TOKEN=...
V2_SUMSUB_SECRET_KEY=...

# Email OTP (SMTP relay)
V2_SMTP_HOST=smtp-relay.gmail.com
V2_SMTP_USERNAME=...
V2_SMTP_PASSWORD=...

# Validator / trading network
HYPERSCALED_VALIDATOR_API_KEY=...

3. Run the API

hyperscaled-api

uvicorn hyperscaled_api.main:app --reload --port 8000

The interactive API reference (Swagger UI) is now live at http://localhost:8000/docs.

4. Create an admin + register your app (tenant)

Each app that integrates is a tenant with its own OAuth client credentials. Create them from the admin dashboard — no production terminal required.

hyperscaled-api

# bootstrap the first admin from env vars, then sign in at /admin
ADMIN_EMAIL=you@taoshi.io ADMIN_PASSWORD=... python -m hyperscaled_api.scripts.bootstrap_admin

# open the admin dashboard, set up 2FA, then "Register app"
open http://localhost:8000/admin

Save the client secret

Registering an app returns a client_id and a client_secret shown once. Copy them into the frontend env below.

5. Configure & run this app

vanta-starter/.env.local

HSC_API_BASE_URL=http://localhost:8000
HSC_CLIENT_ID=hsc_...
HSC_CLIENT_SECRET=hsk_...
HSC_SCOPE=api

SESSION_COOKIE_NAME=hsc_starter_session
SESSION_COOKIE_SECRET=<32+ char secret>

NEXT_PUBLIC_HSC_API_BASE_URL=http://localhost:8000
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_...

vanta-starter

pnpm install
pnpm dev          # http://localhost:3000

6. (Optional) Forward Stripe webhooks

Payments and Connect status updates arrive via webhook. Forward them to the API while developing.

terminal

# use --api-key so the CLI listens on the SAME Stripe account as your keys
stripe listen \
  --api-key sk_test_... \
  --forward-to localhost:8000/v2/webhooks/stripe

# copy the whsec_... it prints into V2_STRIPE_WEBHOOK_SECRET, then restart uvicorn

Restart after changing .env

uvicorn --reload does not reload environment variables. Restart the process after editing .env.

Next steps

Authentication — how tokens and sessions work.
Identity / KYC — verify a trader.
Checkout — sell your first challenge.