StartupDeckAI Documentation
Everything you need to build, deploy, and scale your StartupDeckAI platform.
Quick Start
Get up and running in 5 minutes with our step-by-step guide.
Architecture
Understand the frontend, backend, and database design.
Deployment
Deploy to Vercel + Render with custom domains and SSL.
Developer API & SDK
API keys, pay-as-you-go credits, and programmatic analysis.
Platform Features
Pivot Predictor, Autopsy, Pitch Deck, and more AI tools.
Security
2FA, rate limiting, encryption, and GDPR compliance.
Monitoring
Health checks, performance monitoring, and error tracking.
Quick Start
Get StartupDeckAI running on your machine in under 5 minutes.
1. Clone the Repository
git clone https://github.com/trynayash/StartupDeckAI.git
cd StartupDeckAI
2. Install Dependencies
npm install
3. Environment Setup
cp .env.example .env
# Edit .env with your configuration
4. Database Setup
npm run db:push
npm run create-admin
5. Start Development Server
npm run dev
Visit http://localhost:5000 to see the application.
Installation
Detailed installation guide including all dependencies and services.
Required Services
| Service | Version | Purpose |
|---|---|---|
| Node.js | 20+ | Runtime environment |
| PostgreSQL | 14+ | Primary database |
| Redis | 6+ | Caching & queues (optional) |
| Git | Latest | Version control |
Production Dependencies
npm install stripe speakeasy qrcode ioredis express-rate-limit helmet compression
Available Scripts
| Command | Description |
|---|---|
| npm run dev | Start development server |
| npm run build | Build for production |
| npm start | Start production server |
| npm run check | TypeScript type checking |
| npm run db:push | Push database schema |
| npm run create-admin | Create admin user |
| npm test | Run unit tests |
| npm run lint | Lint codebase |
Environment Setup
Configure all environment variables required for the application.
Create a .env file in the root directory with the following variables:
# Database
DATABASE_URL=postgresql://username:password@localhost:5432/startupdeck
REDIS_URL=redis://localhost:6379
# Architecture & URLs
BASE_URL=http://localhost:5000
VITE_API_BASE_URL=http://localhost:5000
FRONTEND_URL=http://localhost:5000
# Authentication
SESSION_SECRET=your-super-secret-key
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
GITHUB_CLIENT_ID=your-github-client-id
GITHUB_CLIENT_SECRET=your-github-client-secret
# Email (SMTP)
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
[email protected]
SMTP_PASS=your-app-password
# Payments
razorpay_key_id=rzp_test_...
razorpay_key_secret=...
# AI Service
OPENAI_API_KEY=sk-...
# Application
NODE_ENV=development
PORT=5000
Set RAZORPAY_ENVIRONMENT to live and replace test keys with live keys (starting with rzp_live_).
System Architecture
High-level overview of StartupDeckAI's split-architecture design.
Frontend — Vercel
- React 18 + TypeScript
- Vite build tool
- Tailwind CSS + Shadcn UI
- TanStack Query
- Framer Motion
Backend — Render
- Node.js + Express
- Drizzle ORM
- Passport.js Auth
- Redis + BullMQ
- Prerender.io SEO
Data Layer
- PostgreSQL (Neon.tech)
- Redis Cache
- File Storage
- Session Store
Frontend (Vercel)
The client-side React application built with modern web technologies.
Tech Stack
| Technology | Purpose |
|---|---|
| React 18 | UI framework with concurrent features |
| TypeScript | Type-safe codebase |
| Wouter | Lightweight client-side routing |
| Tailwind CSS | Utility-first styling |
| Shadcn UI | Beautifully designed component library |
| Framer Motion | Premium UI animations |
| TanStack Query | Server state management |
| Vite | Lightning-fast build tool with HMR |
Project Structure
client/
├── src/
│   ├── components/    # Reusable UI components
│   ├── pages/         # Page components
│   ├── hooks/         # Custom React hooks
│   ├── lib/           # Utility functions
│   └── services/      # API service layer
├── index.html
└── vite.config.ts
Backend (Render)
Express-based API server with services architecture.
Service Architecture
server/
├── services/
│   ├── notificationService.ts     # Email notifications
│   ├── advancedCacheService.ts    # Redis caching
│   ├── analyticsService.ts        # Analytics & reporting
│   ├── monitoringService.ts       # System monitoring
│   ├── advancedAIService.ts       # Enhanced AI features
│   ├── backupService.ts           # Backup & recovery
│   └── adminService.ts            # Admin operations
├── middleware/
│   ├── adminAuth.ts               # Admin authentication
│   ├── advancedRateLimiting.ts    # Rate limiting
│   └── prerender.ts               # SEO Optimization
└── routes/
    ├── auth.ts                    # Authentication (OAuth/Local)
    ├── analysis.ts                # Analysis endpoints
    ├── admin.ts                   # Admin routes
    └── webhooks.ts                # Payment webhooks
Database Schema
Core database tables powered by PostgreSQL and Drizzle ORM.
-- Core Tables
users (id, email, name, role, subscription_plan)
startup_ideas (id, user_id, title, description, industry)
analysis_results (id, idea_id, analysis_data, created_at)
subscriptions (id, user_id, plan_type, status, billing_cycle)
usage_tracking (id, user_id, feature, usage_count, date)
payment_transactions (id, user_id, amount, status, payment_method)
system_logs (id, event_type, user_id, details, timestamp)
Database Commands
# Push schema to database
npm run db:push
# Create admin user
npm run create-admin
Deployment Guide
Deploy StartupDeckAI with a split architecture for maximum performance.
startupdeck.in (frontend) + api.startupdeck.in (backend).
Post-Deployment Checklist
Vercel (Frontend)
Deploy the React frontend to Vercel for edge-optimized delivery.
Configuration
| Setting | Value |
|---|---|
| Repo Root | StartupDeckAI |
| Build Command | vite build |
| Output Directory | dist/client |
| Env Vars | VITE_API_BASE_URL=https://api.startupdeck.in |
Deploy Steps
# Install Vercel CLI
npm install -g vercel
# Deploy
vercel --prod
Render (Backend)
Deploy the Express backend to Render for reliable API hosting.
Configuration
| Setting | Value |
|---|---|
| Repo Root | StartupDeckAI |
| Build Command | npm install --include=dev && npm run build |
| Start Command | npm start |
| Health Check | /health |
| Custom Domain | api.startupdeck.in |
Environment Variables
Set these in the Render dashboard:
NODE_ENV=production
DATABASE_URL=your-database-url
SESSION_SECRET=your-secret
BASE_URL=https://api.startupdeck.in
FRONTEND_URL=https://startupdeck.in
Docker Setup
Self-hosted deployment using Docker and Docker Compose.
Dockerfile
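# Node.js 20+ is required (see Required Services)
FROM node:20-alpine
WORKDIR /app
COPY package*.json ./
# Install all dependencies: the build step needs devDependencies
RUN npm ci
COPY . .
RUN npm run build
# Remove devDependencies from the runtime image once the build is done
RUN npm prune --omit=dev
EXPOSE 5000
CMD ["npm", "start"]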
Docker Compose
version: '3.8'
services:
  app:
    build: .
    ports:
      - '5000:5000'
    environment:
      - DATABASE_URL=${DATABASE_URL}
      - REDIS_HOST=redis
    depends_on:
      - redis
      - postgres
  redis:
    image: redis:7-alpine
    # Publishes Redis on the host; remove if only the app container needs it
    ports:
      - '6379:6379'
  postgres:
    image: postgres:14-alpine
    environment:
      - POSTGRES_DB=startupdeck
      - POSTGRES_USER=postgres
      # Placeholder value; set a strong password before any non-local use
      - POSTGRES_PASSWORD=password
    volumes:
      - postgres_data:/var/lib/postgresql/data
volumes:
  postgres_data:
Admin Setup
Create and configure administrator accounts.
Create Admin User
# Using default credentials
npm run create-admin
# Using custom credentials
[email protected] ADMIN_PASSWORD=yourpass npm run create-admin
Default Credentials
| Field | Default Value |
|---|---|
| Username | admin |
| Email | [email protected] |
| Password | admin123456 |
| Admin Level | super_admin |
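A pre-flight check for the placeholder and default values that appear in this documentation, meant to run before `npm run create-admin` and before a production start. This is an added example, not StartupDeckAI's own code: `findInsecureSettings` is a hypothetical helper, and the 32-character minimum for SESSION_SECRET is an assumption; the variable names and sample values are the ones shown on this page.

```javascript
// Added example: flag the documentation's placeholder values before they reach production.
// findInsecureSettings is a hypothetical helper, not part of StartupDeckAI.
const PLACEHOLDERS = new Set(['your-super-secret-key', 'your-secret', 'password', 'yourpass']);
const DEFAULT_ADMIN_PASSWORD = 'admin123456'; // default listed in the table above

function findInsecureSettings(env) {
  const problems = [];
  const production = env.NODE_ENV === 'production';

  const secret = env.SESSION_SECRET || '';
  if (PLACEHOLDERS.has(secret)) problems.push('SESSION_SECRET is a documentation placeholder');
  else if (secret.length < 32) problems.push('SESSION_SECRET is shorter than 32 characters');

  // With ADMIN_PASSWORD unset, create-admin falls back to the default credentials.
  const admin = env.ADMIN_PASSWORD;
  if (admin === undefined || admin === DEFAULT_ADMIN_PASSWORD || PLACEHOLDERS.has(admin)) {
    problems.push('admin account would use a default or placeholder password');
  }

  // Live mode must not run with test keys, and test mode must not hold live keys.
  const live = env.RAZORPAY_ENVIRONMENT === 'live';
  const keyId = env.razorpay_key_id || '';
  if (live && !keyId.startsWith('rzp_live_')) problems.push('RAZORPAY_ENVIRONMENT=live without an rzp_live_ key');
  if (!live && keyId.startsWith('rzp_live_')) problems.push('live Razorpay key used outside live mode');

  // Password embedded in DATABASE_URL, e.g. the sample value "password".
  try {
    const dbPassword = decodeURIComponent(new URL(env.DATABASE_URL).password);
    if (PLACEHOLDERS.has(dbPassword)) problems.push('DATABASE_URL uses a placeholder password');
  } catch {
    problems.push('DATABASE_URL is missing or not a valid URL');
  }

  if (production && /^http:\/\//.test(env.BASE_URL || '')) problems.push('BASE_URL is not HTTPS in production');
  return problems;
}
```

Call it with `process.env` and exit non-zero when the returned list is not empty.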
Dashboard Guide
Navigate the comprehensive admin dashboard for system management.
Dashboard Tabs
System stats, health status, and recent activity
User management and role administration
Detailed analytics and reporting dashboards
Real-time system health and performance
Backup scheduling and recovery management
System logs and event tracking
User Management
Manage users, roles, and permissions through the admin panel.
Roles
| Role | Access Level | Capabilities |
|---|---|---|
| user | Standard | Create analyses, manage own profile |
| admin | Elevated | User management, analytics view |
| super_admin | Full | All features including system config |
Authentication
Authenticate with the StartupDeckAI API using sessions or OAuth.
Local Authentication
/api/auth/login
{
  "email": "[email protected]",
  "password": "your-password"
}
OAuth Providers
/api/auth/google
/api/auth/github
Session Check
/api/auth/me
Returns the currently authenticated user object or 401 if not authenticated.
Analysis Endpoints
Create AI-powered startup analyses and retrieve results.
Create Analysis
/api/analysis
{
  "title": "My Startup Idea",
  "description": "A detailed description of the startup concept...",
  "industry": "SaaS",
  "targetMarket": "B2B"
}
Get Analysis Results
/api/analysis/:id
List User Analyses
/api/analysis
Webhooks
Handle payment and subscription events via webhooks.
Razorpay Webhook
/api/webhooks/razorpay
Receives payment status updates from Razorpay. Configure the webhook URL in your Razorpay dashboard to point to https://api.startupdeck.in/api/webhooks/razorpay.
Supported Events
- payment.captured: Payment successfully captured
- payment.failed: Payment failed
- subscription.activated: Subscription activated
- subscription.cancelled: Subscription cancelled
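One way to authenticate deliveries to /api/webhooks/razorpay before acting on the events above, as an added example that is not StartupDeckAI's own code. Razorpay signs the raw request body with HMAC-SHA256 using the webhook secret and sends the hex digest in the X-Razorpay-Signature header; the function names, the action names and the in-memory duplicate store are assumptions made for the illustration.

```javascript
// Added example (not StartupDeckAI code): authenticate a Razorpay webhook before acting on it.
const crypto = require('node:crypto');

// The four events from "Supported Events"; the action names are hypothetical.
const EVENT_ACTIONS = new Map([
  ['payment.captured', 'mark_paid'],
  ['payment.failed', 'mark_failed'],
  ['subscription.activated', 'activate_subscription'],
  ['subscription.cancelled', 'cancel_subscription'],
]);

// Recompute the HMAC-SHA256 of the raw body and compare it with the header value.
function isValidSignature(rawBody, signatureHex, webhookSecret) {
  const expected = crypto.createHmac('sha256', webhookSecret).update(rawBody).digest();
  const received = Buffer.from(String(signatureHex || ''), 'hex');
  // timingSafeEqual throws on unequal lengths, so check the length first.
  return received.length === expected.length && crypto.timingSafeEqual(received, expected);
}

// In-memory for the example; a multi-instance deployment needs Redis or a DB table.
const seenEventIds = new Set();

// rawBody: the exact bytes received (a Buffer), not JSON that was parsed and re-serialized.
// headers: lower-cased header names, as Node and Express provide them.
function handleWebhook(rawBody, headers, webhookSecret) {
  if (!isValidSignature(rawBody, headers['x-razorpay-signature'], webhookSecret)) {
    return { status: 401, action: null };
  }
  let event;
  try {
    event = JSON.parse(rawBody.toString('utf8'));
  } catch {
    return { status: 400, action: null };
  }
  // Deliveries can repeat; deduplicate on the event id so a payment is applied once.
  const eventId = headers['x-razorpay-event-id'];
  if (eventId && seenEventIds.has(eventId)) return { status: 200, action: 'duplicate_ignored' };
  if (eventId) seenEventIds.add(eventId);

  const name = event && typeof event.event === 'string' ? event.event : '';
  return { status: 200, action: EVENT_ACTIONS.get(name) || 'ignored' };
}
```

In Express, mount the route with a raw body parser so the bytes that were signed are the bytes that are verified.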
Health Checks
Monitor system health and service availability.
/health
/api/health/database
/api/health/redis
curl https://api.startupdeck.in/health
SDK Overview
Integrate StartupDeckAI validation into your product with API keys and the REST API v2.
Authentication
Include your API key on every request:
curl -X POST https://api.startupdeck.in/api/v2/analyze \
-H "X-API-Key: sk_live_your_key_here" \
-H "Content-Type: application/json" \
-d '{"title":"My Idea","description":"...","industry":"SaaS","location":"India"}'
Interactive API schema
Discover all v2 routes programmatically:
/api/v2/docs
Node.js example
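const res = await fetch('https://api.startupdeck.in/api/v2/analyze', {
  method: 'POST',
  headers: {
    // Read the key from the environment; do not hard-code it in source
    'X-API-Key': process.env.STARTUPDECK_API_KEY,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    title: 'Urban fleet routing',
    description: 'Dynamic routing for last-mile delivery fleets.',
    industry: 'Logistics',
    location: 'India',
    options: { includeCompetitors: true, includeMarketData: true },
  }),
});
// Surface HTTP errors (for example 429 when rate limited) instead of parsing them as results
if (!res.ok) {
  throw new Error(`StartupDeckAI API request failed: ${res.status}`);
}
const data = await res.json();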
API Keys & Credits
Manage keys, balances, and pay-as-you-go billing from the API Dashboard.
Generate an API key
- Sign in and open /api-dashboard.
- Click Generate Key.
- Copy the full key immediately — it is only shown once. Later views show a masked key.
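How a "shown once, masked afterwards" key can be stored so that a database leak does not expose usable keys, as an added example that is not StartupDeckAI's implementation. The `sk_live_` prefix comes from this page's curl example; the function names, the record shape and the `Map` standing in for the database are assumptions.

```javascript
// Added example (not StartupDeckAI code): show-once API keys stored only as a hash.
const crypto = require('node:crypto');

const KEY_PREFIX = 'sk_live_'; // prefix used in this page's curl example

// API keys are long random values, so a fast hash is enough here (unlike passwords).
function hashKey(fullKey) {
  return crypto.createHash('sha256').update(fullKey).digest('hex');
}

// What later dashboard views display: prefix, filler, last four characters.
function maskKey(fullKey) {
  return `${KEY_PREFIX}${'*'.repeat(8)}${fullKey.slice(-4)}`;
}

// Returns the full key once for display, plus the record that gets persisted.
// The record never contains the key itself.
function generateApiKey(userId) {
  const fullKey = KEY_PREFIX + crypto.randomBytes(32).toString('hex');
  const record = { userId, keyHash: hashKey(fullKey), masked: maskKey(fullKey), revoked: false };
  return { fullKey, record };
}

// store: hypothetical Map of keyHash -> record, standing in for the database.
function authenticate(store, presentedKey) {
  if (typeof presentedKey !== 'string' || !presentedKey.startsWith(KEY_PREFIX)) return null;
  const record = store.get(hashKey(presentedKey));
  if (!record || record.revoked) return null;
  return record.userId;
}

// Revocation (DELETE /api/developer/keys/:id on this page) flips a flag so the
// hash stays on file for audit but no longer authenticates.
function revoke(store, keyHash) {
  const record = store.get(keyHash);
  if (record) record.revoked = true;
  return Boolean(record);
}
```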
Dashboard API (session auth)
| Endpoint | Method | Description |
|---|---|---|
| /api/developer/keys | GET | List your API keys (masked) |
| /api/developer/keys | POST | Create a new API key |
| /api/developer/keys/:id | DELETE | Revoke a key |
| /api/developer/usage | GET | Credit balance and usage stats |
| /api/developer/checkout | POST | Create Razorpay recharge order |
| /api/developer/verify-payment | POST | Verify payment and add credits |
Credits
| Rule | Value |
|---|---|
| Rate | ₹1 = 1 API call |
| Minimum recharge | ₹500 |
| Expiry | Credits do not expire while the account is active |
API v2 Reference
Primary programmatic endpoints for AI analysis and market data.
Analyze startup idea
/api/v2/analyze
{
  "title": "My Startup Idea",
  "description": "Detailed concept description...",
  "industry": "SaaS",
  "location": "India",
  "options": {
    "includeCompetitors": true,
    "includeMarketData": true,
    "includeFinancials": true,
    "enhanced": false
  }
}
Instant analyze
/api/v2/instant-analyze
Faster, lighter validation for low-latency workflows.
Market data
/api/v2/market-data?industry=SaaS&location=India
Usage stats
/api/v2/usage
Rate limits
| Plan | Limit |
|---|---|
| Free | 100 requests / hour |
| Pro | 1,000 requests / hour |
| Enterprise | 10,000 requests / hour |
Product Features
AI-powered tools available in the StartupDeck web app beyond core idea validation.
- Pivot Predictor: AI suggests strategic pivots based on market signals and your idea profile.
- Startup Autopsy: Post-mortem analysis of failed startups to extract lessons for your venture.
- A/B Idea Testing: Compare two concepts side-by-side with scored outcomes.
- Founder–Idea Fit: Match your skills and background against idea requirements.
- Investor Match: Investor alignment suggestions based on stage, sector, and thesis.
- Pitch Deck Generator: Generate investor-ready deck outlines from your validated analysis.
- Compare Ideas: Rank multiple ideas on viability, market, and execution dimensions.
- Instant Analysis: Rapid validation snapshot when you need answers in minutes.
- Market Intelligence: Live market news and trends mapped to your startup context.
- Business Intelligence: Portfolio-level analytics and reporting for operators.
- Idea Generator: AI-generated startup concepts tailored to your interests.
- Enhanced Analysis: Multi-agent deep dive with extended competitor and financial modeling.
Two-Factor Authentication (2FA / MFA)
Protect your StartupDeckAI account, analyses, and financial details with industry-grade multi-factor security.
Overview
StartupDeckAI supports two-factor authentication (2FA) for all user accounts. When enabled, logging in via username/password or Google/GitHub/LinkedIn OAuth requires you to verify your identity with a dynamic, single-use 6-digit passcode. This prevents unauthorized access even if your password or OAuth credentials become compromised.
Supported Authentication Methods
- Authenticator App: Scan a cryptographically secure 2D QR code using a standard authenticator such as Google Authenticator, Microsoft Authenticator, Authy, or 1Password. The app generates time-based tokens offline, refreshed every 30 seconds.
- Email OTP: Receive a high-entropy, 6-digit verification code at your registered email address. Suited to users who prefer secure verification without a secondary mobile authenticator app.
How to Enable 2FA
- Log into your account and navigate to Account Settings.
- Scroll down to the Security & Two-Factor Authentication section.
- Select your preferred method: Authenticator App or Email OTP.
- For Authenticator Apps, scan the generated QR code or copy the plaintext secret key. For Email OTP, verify the test code sent to your inbox.
- Enter the 6-digit confirmation token to securely activate 2FA.
- Copy and store your Emergency Recovery Codes in a safe place. If you ever lose access to your device, these codes are the only way to regain access without administrator intervention.
Login Verification Flow
Once 2FA is activated, the login sequence adds a verification step after the credentials check:
1. Login Trigger
User submits email/pass or authenticates via Google/GitHub OAuth.
2. 2FA Intercept
Server checks if user has active 2FA and halts the auth session.
3. Verification
User enters 6-digit TOTP token or Email OTP in secure overlay.
Admin Exemption & Panel Security
For administrative accounts, standard user-level 2FA is deactivated. Instead, administrators must verify their identity using a specialized Secret Key Verification Challenge Overlay. This timing-safe, cryptographically hashed challenge must be verified before the system grants access to the high-privilege Admin Panel, ensuring maximum defense for user data and infrastructure control.
API Specifications for Developers
If you are building custom clients or programmatically managing authentication, use these endpoints:
1. Request 2FA Setup
/api/security/2fa/setup
Initiates a Speakeasy key generation and outputs secret details:
{
  "secret": "JBSWY3DPEHPK3PXP",
  "qrCodeUrl": "data:image/png;base64,iVBORw0KGgoAAA..."
}
2. Confirm/Activate 2FA
/api/security/2fa/verify
{
  "token": "123456"
}
3. Deactivate 2FA
/api/security/2fa/disable
{
  "token": "123456"
}
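What the server has to do with the `token` sent to /api/security/2fa/verify, written out as an added example with `node:crypto` only. It is not the project's code (the page says setup uses Speakeasy); the ±1 step drift window and the per-user `lastUsedStep` replay guard are assumptions about a reasonable policy.

```javascript
// Added example (not StartupDeckAI code): RFC 6238 TOTP check for a 6-digit token.
const crypto = require('node:crypto');

const BASE32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';

// Decode the base32 secret returned by the setup endpoint into raw key bytes.
function base32Decode(text) {
  let bits = 0;
  let value = 0;
  const out = [];
  for (const ch of text.replace(/=+$/, '').toUpperCase()) {
    const idx = BASE32.indexOf(ch);
    if (idx === -1) throw new Error('invalid base32 character');
    value = ((value << 5) | idx) & 0xfff; // keep only the bits still needed
    bits += 5;
    if (bits >= 8) {
      out.push((value >>> (bits - 8)) & 0xff);
      bits -= 8;
    }
  }
  return Buffer.from(out);
}

// RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamic truncation, 6 digits.
function hotp(key, counter) {
  const msg = Buffer.alloc(8);
  msg.writeBigUInt64BE(BigInt(counter));
  const mac = crypto.createHmac('sha1', key).update(msg).digest();
  const offset = mac[19] & 0x0f;
  const code = (mac.readUInt32BE(offset) & 0x7fffffff) % 1000000;
  return String(code).padStart(6, '0');
}

// Accepts the current 30-second step and one step either side for clock drift.
// lastUsedStep (stored per user) rejects replay of a code that was already accepted.
function verifyTotp(secretBase32, token, nowMs, lastUsedStep = -1) {
  if (typeof token !== 'string' || !/^\d{6}$/.test(token)) return { ok: false, step: lastUsedStep };
  const key = base32Decode(secretBase32);
  const current = Math.floor(nowMs / 1000 / 30);
  for (const step of [current - 1, current, current + 1]) {
    if (step <= lastUsedStep) continue; // also skips negative steps
    const expected = Buffer.from(hotp(key, step));
    if (crypto.timingSafeEqual(expected, Buffer.from(token))) return { ok: true, step };
  }
  return { ok: false, step: lastUsedStep };
}
```

Persist the returned `step` as the user's new `lastUsedStep` after a successful check, and rate limit failed attempts, since a 6-digit code can otherwise be guessed.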
Rate Limiting
API protection with configurable rate limits.
| Endpoint Type | Window | Max Requests |
|---|---|---|
| General API | 15 minutes | 1000 |
| AI Analysis | 1 hour | 100 |
| Authentication | 15 minutes | 20 |
Rate-limited responses return 429 Too Many Requests with a Retry-After header.
SSL / TLS
Configure secure connections with SSL certificates.
Nginx Configuration
server {
    listen 443 ssl http2;
    server_name your-domain.com;
    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/key.pem;
    location / {
        proxy_pass http://localhost:5000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
Monitoring
Set up comprehensive monitoring for system health and performance.
Health Check Endpoints
# API Health
curl https://api.startupdeck.in/health
# Database Health
curl https://api.startupdeck.in/api/health/database
# Redis Health
curl https://api.startupdeck.in/api/health/redis
Error Tracking with Sentry
npm install @sentry/node @sentry/profiling-node
Key Metrics to Track
- System Health: Database, Redis, and email service status
- User Analytics: Growth tracking and user behavior
- Revenue Analytics: MRR, ARR, and financial projections
- Performance: CPU, memory, and response times
Scaling
Scale StartupDeckAI for production workloads.
Database Optimization
-- Add indexes for performance
CREATE INDEX CONCURRENTLY idx_analyses_user_id_created_at
ON analyses(user_id, created_at);
CREATE INDEX CONCURRENTLY idx_competitors_analysis_id
ON competitors(analysis_id);
CREATE INDEX CONCURRENTLY idx_usage_tracking_user_id_feature
ON usage_tracking(user_id, feature);
Load Balancing
upstream startupdeck_backend {
    server 127.0.0.1:5000;
    server 127.0.0.1:5001;
    server 127.0.0.1:5002;
}
server {
    location / {
        proxy_pass http://startupdeck_backend;
    }
}
Troubleshooting
Common issues and their solutions.
Redis Connection Failed
# Check Redis status
sudo systemctl status redis-server
# Restart Redis
sudo systemctl restart redis-server
Database Connection Issues
# Test database connection
psql $DATABASE_URL -c "SELECT 1;"
Payment Webhook Failures
# Test webhook endpoint
stripe events resend evt_webhook_id
# Check webhook logs
stripe logs tail