Aegis Developer Portal


API Reference

Aegis Platform API

Connect RPC surface for the Aegis zero-knowledge platform. Operations are tagged as `public` (integrator-facing) or `private` (internal/elevated).

This explorer lists public operations and documents the model in which users control their master keys while platform services enforce policy and scoped access.


Explore Endpoints

Entries are generated from the protobuf definitions and filtered to public operations only; internal endpoints are not shown in this explorer.


Authentication Process

  1. Authenticate the caller: a user session for public APIs, a workload identity for broker workflows.
  2. For local MCP, use the OAuth device flow (Begin -> user approval -> Exchange).
  3. Mint or exchange a short-lived broker token that is bound to the tenant and principal identity.
  4. Send the token as `Authorization: Bearer ...`; sensitive lease actions additionally require a sender-constrained proof, so a stolen bearer token alone is not enough.
  5. Apply policy checks on the requested scope and target selectors before returning any credential material.

User-owned key material stays outside the platform's trust boundary, so these flows authorize access without ever transferring a plaintext master key.

Token guidance and bootstrap hardening are documented in `/developer/security` and `/developer/patterns`.
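Steps 3 and 4 above, as an added example rather than Aegis code: a platform side that mints a short-lived token bound to tenant, principal and a client proof key, a client side that produces a sender-constrained proof over the request, and a verifier that rejects a replayed proof, a stale proof, an expired token and a token used under a different key. The token encoding (HMAC-signed base64url JSON with a `cnf.kid` claim), the proof construction (HMAC over method, path, token hash and timestamp under a client key registered at mint time), the TTL values and the request paths are all assumptions of this example; the real Aegis token and proof formats are not documented on this page.

```python
"""Sender-constrained broker token: mint, prove, verify.

Added example, not Aegis code. Token and proof formats are assumptions.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Dict, Optional

PLATFORM_SIGNING_KEY = secrets.token_bytes(32)  # constructed; platform-side only
TOKEN_TTL_SECONDS = 300                         # "short-lived": five minutes (assumed)
PROOF_MAX_SKEW_SECONDS = 60                     # proof freshness window (assumed)

# Client proof keys registered at mint time, keyed by key id (assumed design).
_client_keys: Dict[str, bytes] = {}


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(body: str) -> str:
    return _b64(hmac.new(PLATFORM_SIGNING_KEY, body.encode(), hashlib.sha256).digest())


def _proof_mac(client_key: bytes, token: str, method: str, path: str, ts: int) -> str:
    # Binding the token hash and the request target into the MAC is what stops
    # a captured proof from being replayed against another endpoint.
    token_hash = _b64(hashlib.sha256(token.encode()).digest())
    msg = f"{method}|{path}|{token_hash}|{ts}".encode()
    return _b64(hmac.new(client_key, msg, hashlib.sha256).digest())


def mint_broker_token(tenant: str, principal: str, client_key: bytes,
                      now: Optional[float] = None) -> str:
    """Platform: mint a token bound to tenant/principal and to a client proof key."""
    now = time.time() if now is None else now
    kid = _b64(hashlib.sha256(client_key).digest()[:16])
    _client_keys[kid] = client_key
    claims = {"tenant": tenant, "principal": principal, "iat": int(now),
              "exp": int(now) + TOKEN_TTL_SECONDS, "cnf": {"kid": kid}}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{_sign(body)}"


def make_proof(token: str, client_key: bytes, method: str, path: str,
               now: Optional[float] = None) -> str:
    """Client: prove possession of the key the token was bound to, for this request."""
    ts = int(time.time() if now is None else now)
    return f"{ts}.{_proof_mac(client_key, token, method, path, ts)}"


def verify_request(token: str, proof: Optional[str], method: str, path: str,
                   sensitive: bool, now: Optional[float] = None) -> dict:
    """Platform: check signature and expiry; for sensitive lease actions also the proof."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 2:
        return {"ok": False, "reason": "malformed token"}
    body, sig = parts
    if not hmac.compare_digest(sig, _sign(body)):
        return {"ok": False, "reason": "bad token signature"}
    claims = json.loads(_unb64(body))
    if now >= claims["exp"]:
        return {"ok": False, "reason": "token expired"}
    if sensitive:
        if proof is None:
            return {"ok": False, "reason": "sender-constrained proof required"}
        client_key = _client_keys.get(claims["cnf"]["kid"])
        if client_key is None:
            return {"ok": False, "reason": "unknown proof key"}
        ts_str, _, mac = proof.partition(".")
        if not ts_str.isdigit() or abs(now - int(ts_str)) > PROOF_MAX_SKEW_SECONDS:
            return {"ok": False, "reason": "stale or malformed proof"}
        want = _proof_mac(client_key, token, method, path, int(ts_str))
        if not hmac.compare_digest(mac, want):
            return {"ok": False, "reason": "proof does not match request or key"}
    return {"ok": True, "tenant": claims["tenant"], "principal": claims["principal"]}


if __name__ == "__main__":
    key = secrets.token_bytes(32)                       # constructed client key
    tok = mint_broker_token("tenant-a", "deploy-bot", key)
    prf = make_proof(tok, key, "POST", "/broker/lease/redeem")  # assumed path
    print(verify_request(tok, prf, "POST", "/broker/lease/redeem", sensitive=True))
    print(verify_request(tok, prf, "POST", "/broker/lease/revoke", sensitive=True))
```

The non-sensitive path checks only the bearer token, which is why the page reserves the proof requirement for lease actions; everything the verifier decides is keyed off the claims it signed itself, never off anything the client supplies unauthenticated.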

Scoped Credential Access

For broker lease workflows, a scope binds an action to the credential target it applies to, expressed as resource selectors (provider, app, account):

credential.lease.create:provider:gcp:app:billing-prod:account:deploy-bot
credential.lease.redeem:provider:aws:app:payments:account:ci-role
credential.lease.revoke:provider:gcp:app:analytics:account:breakglass

  • Grant create, redeem and revoke independently; holding one does not imply the others.
  • `MintUserApiToken` requires non-wildcard selectors (specific app/account targets only).
  • Deny scope escalation attempts (a request broader than what was granted) and record each one in the audit log.
  • Lease operations require selector-scoped grants; an action-only scope such as `credential.lease.redeem` is insufficient.
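The scope rules in this section, together with the policy check in step 5 of the authentication process, as an added example that is not Aegis code: a parser for the `action:provider:P:app:A:account:C` scope strings shown above, a coverage check that refuses action-only grants for lease operations, a policy function that denies and audits escalation, and the non-wildcard check `MintUserApiToken` applies. The `*` wildcard spelling, the audit-record shape and every function name are assumptions of this example; the scope strings themselves are the page's.

```python
"""Scope grammar and policy check for broker lease grants.

Added example, not Aegis code. The `*` wildcard, the audit record shape and
the function names are assumptions; the scope string layout is the page's.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

LEASE_ACTIONS = {"credential.lease.create", "credential.lease.redeem", "credential.lease.revoke"}
SELECTOR_KEYS = ("provider", "app", "account")
WILDCARD = "*"  # assumed spelling for a wildcard selector


@dataclass(frozen=True)
class Scope:
    action: str
    provider: Optional[str]
    app: Optional[str]
    account: Optional[str]

    @property
    def has_selectors(self) -> bool:
        return self.provider is not None

    def selectors(self) -> Tuple[Optional[str], Optional[str], Optional[str]]:
        return (self.provider, self.app, self.account)


def parse_scope(text: str) -> Scope:
    """Parse `action` or `action:provider:P:app:A:account:C`; reject anything else."""
    parts = text.split(":")
    if len(parts) == 1:
        return Scope(parts[0], None, None, None)
    if len(parts) != 7 or tuple(parts[1::2]) != SELECTOR_KEYS:
        raise ValueError(f"malformed scope: {text}")
    values = parts[2::2]
    if any(v == "" for v in values):
        raise ValueError(f"empty selector in scope: {text}")
    return Scope(parts[0], *values)


def covers(granted: Scope, requested: Scope) -> bool:
    """True if `granted` authorizes `requested`.

    Lease actions need selector-scoped grants on both sides: an action-only
    grant never covers a lease, and a concrete grant never covers a wildcard
    request (that would be scope escalation).
    """
    if granted.action != requested.action:
        return False
    if requested.action in LEASE_ACTIONS:
        if not granted.has_selectors or not requested.has_selectors:
            return False
        return all(g == WILDCARD or g == r
                   for g, r in zip(granted.selectors(), requested.selectors()))
    return True


AUDIT_LOG: List[dict] = []  # assumed audit sink; a real system would ship these records


def authorize(principal: str, grants: List[str], requested: str) -> bool:
    """Policy check before any credential material is returned."""
    req = parse_scope(requested)
    if any(covers(parse_scope(g), req) for g in grants):
        return True
    AUDIT_LOG.append({"event": "scope_escalation_denied", "principal": principal,
                      "requested": requested, "granted": list(grants)})
    return False


def validate_mint_user_api_token_scopes(scopes: List[str]) -> List[str]:
    """MintUserApiToken rule: lease scopes must name concrete targets. Returns offenders."""
    bad = []
    for s in scopes:
        sc = parse_scope(s)
        if sc.action in LEASE_ACTIONS and (not sc.has_selectors or WILDCARD in sc.selectors()):
            bad.append(s)
    return bad


if __name__ == "__main__":
    grants = ["credential.lease.create:provider:gcp:app:billing-prod:account:deploy-bot"]
    print(authorize("deploy-bot", grants, grants[0]))
    print(authorize("deploy-bot", grants, "credential.lease.redeem:provider:gcp:app:billing-prod:account:deploy-bot"))
    print(AUDIT_LOG[-1])
```

The check is deliberately asymmetric: a wildcard is honoured only when it appears in the grant, so a caller cannot widen its own request to `account:*` and have a concrete grant match it.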