AegisAegis
Dashboard
AegisAegis Developer Portal

Developer Search

Press ⌘K or Ctrl+K to jump through guides and public API docs for user-owned master key and scoped credential flows.

Sandbox

Sandbox and Test Environment

Non-production environment for integration rehearsals. Use this surface to validate auth bootstrapping, scoped token behavior, and lease lifecycle controls before enabling production policies.

Identity

Sandbox Tenant

Isolate test callers to dedicated tenant IDs and principals. Never reuse production keys or credential selectors in sandbox runs.

Credentials

Fake Provider Targets

Use fake accounts/apps for lease issuance tests so selector policy logic is exercised without touching external production assets.

Automation

Repeatable E2E

Run deterministic e2e suites for success and failure paths: scope denials, replay rejection, and revocation checks.

Local Stack Bootstrap

# run full local stack (firebase auth emulator + api + web)
WEB_PORT=3310 bash scripts/run_web_e2e_stack.sh
  • Starts Firebase Auth emulator for local user token flows.
  • Runs API service with test DPoP key and insecure header mode for e2e.
  • Builds and serves web app for Playwright-driven portal checks.

Validation Suite

# docs + API annotation checks
pnpm --filter @aegis/web test:e2e -- test/e2e/web/api-docs.spec.ts
pnpm --filter @aegis/web test:e2e -- test/e2e/web/openapi-annotations.spec.ts
  • Confirms explorer hides private endpoints.
  • Confirms gnostic annotations drive visibility and examples in OpenAPI.
  • Confirms docs search (`⌘K`/`Ctrl+K`) works across guide + endpoint entries.

Sandbox Exit Criteria

  1. All scoped token tests pass for allow and deny paths.
  2. SPIFFE bootstrap tests pass with nonce replay and expired challenge negative cases.
  3. E2E docs explorer tests pass on desktop and mobile layouts.
  4. Audit log assertions verify create/redeem/revoke trails for every scenario.
Open Broker ConsoleOpen Security Controls