Trustplane Enterprise Console

System Health

Live environment details

Loading...

Infra Health

Postgres + Redis connectivity (admin only)

Admin key required.

Quick Links

/health

/health/infra (admin)

/.well-known/jwks.json

/oprf/public-key (experimental)

/tenants (admin)

/apis (admin)

/clients (admin)

Admin API key (X-Trustplane-Admin-Key)

Docs

Publishable flow explanation

See docs/flow.md in the repo for website docs.

Enterprise Onboarding (Guided Steps)

Track core setup before rolling out to production.

Tenant: pending

API: pending

Client: pending

Key Enrolled: pending

Create tenant + API + client.
Generate keypair on client.
Enroll public key in Trustplane.
Sign proof per request and exchange for JWT.

Step 1 — Create Tenant

tenant_id name

Step 2 — Create API

tenant_id api_id audience

Step 3 — Create Client

tenant_id client_id api_ids (comma separated) scopes (comma separated)

Integration Snippets

Copy/paste into client or CI pipelines.

base URL Enroll public key (curl)

Verify proof (curl template)

Client JWT → Gateway

SDK Flow (Pseudo)

Reference implementation steps

Gateway Notes

JWT auth at edge

1) Call /auth/verify to mint JWT
2) Send Authorization: Bearer <jwt> to gateway
3) Gateway validates JWT and forwards upstream

Key Management

Demo only: this console can generate a private key. In production, generate keys on the client and never share the private key.

public_key_b64url private_key_b64url

Enroll Client Key

tenant_id client_id public_key_b64url

Proof & Verify

method path body (optional)

One-Click Full Demo

Creates tenant/API/client, generates keypair, enrolls, signs, and verifies.

Tenants

APIs

Clients

Gateway Integration (Summary)

1) Client gets JWT from /auth/verify
2) Client calls gateway with Authorization: Bearer <jwt>
3) Gateway forwards request upstream