Skip to content


Screenshot of a Terminal running the AssistivTunnel CLI.

AssistivTunnel is a small command line interface (CLI) that creates a secure connection between your computer and virtual machines or mobile devices running in Assistiv Labs, which enables you to test…

  • Any site or server running on localhost
  • Internal staging servers that may require VPN
  • Geofenced sites that only accept requests from certain countries or IPs

Get started

  1. Download the CLI for your platform from your terminal/command prompt:
    # MacOS
    curl -L -o && unzip
    # Windows
    powershell.exe "$ProgressPreference='SilentlyContinue'; Invoke-WebRequest -OutFile; Expand-Archive ."
    # Linux
    curl -L -o && unzip
  2. Copy your personal AssistivTunnel access key from
  3. From a terminal or command prompt, run
    # MacOS / Linux syntax
    ./AssistivTunnel --accessKey <PASTE KEY HERE>
    # Windows syntax
    .\AssistivTunnel.exe --accessKey <PASTE KEY HERE>

The CLI will output something like:

✅ Connected successfully
You can now start testing from
Select the tunnel named "My-Computer" from the dropdown

You're now ready to test. Any URL that you can load locally will now work in Assistiv Labs. For example, paste https://localhost:3000 or into the remote browser.

CLI options

--help Show help [boolean]
--accessKey Your AssistivTunnel access key, obtain from [string]
--label Optional label for your tunnel to help you identify it on the
dashboard. If omitted, your computer's hostname will be used
instead [string]
--proxy Optional, if your organization requires that you use a proxy
server to connect to the internet, specify it here with
"<host>:<port>". Ex: --proxy
--verbose Enable verbose logging [boolean]
--update Check for updates [boolean]
-v, --version Display AssistivTunnel's version [boolean]


Is it secure?

Yes. AssistivTunnel uses TLS 1.2 end-to-end encryption for all communications. Traffic is not decrypted on our servers, it only passed through. You can confirm this by visiting an HTTPS site in an Assistiv Labs browser and inspecting the connection certificate chain.

Only test devices in the Assistiv Labs cloud that you are actively testing can access your tunnel. Learn more about our security practices.

How does it work?

The AssistivTunnel CLI establishes a WSS (secure WebSocket) connection to our Relay server from your computer. When you start a test session from your Assistiv Labs dashboard and select an active tunnel, a new virtual machine or mobile device is provisioned and its network requests are routed through the Relay server over HTTPS. The network requests are then transmitted over WSS using a custom protocol to AssistivTunnel, which resolves the request and transmits the response over WSS back to the Relay.

When you end your test session, the test device and routing rule is deleted and all pending requests are cancelled.

A detailed whitepaper describing AssistivTunnel’s internals is available for security review upon request.

Can it be run centrally, from a DMZ or internal server?

Yes, if you only need to test internal websites with AssistivLabs (and not localhost) and would like to monitor the traffic moving through AssistivTunnel from a single access point, you can run AssistivTunnel from a DMZ or internal server. The tunnel can then be shared with everyone in your Assistiv Labs account.

Requires a Company plan. Contact us for more details.

Need help?

Contact us and we'll be happy to answer questions or walk you through the process.