Documentation Overview

AxiNode Platform Overview

AxiNode is a zero-credential control plane: outbound-only agents, signed command envelopes, and unified audit. This page orients you to the core model and points you to deeper guides.

Zero credentials

No SSH/RDP secrets are stored. Trust is bound to agent identity + signed envelopes; inbound ports stay closed.

Outbound agents

Lightweight agents dial out with mTLS, verify signatures, execute with least privilege, and stream telemetry.

Unified audit

Every command links user → tenant → agent → output with correlation IDs for forensics and compliance.

How it works (high level)

  1. Install the agent (Windows/Linux); it generates keys and registers via a short-lived bootstrap token.
  2. Agent opens outbound mTLS to the control plane; no inbound firewall rules.
  3. Users/CLI authenticate; commands are signed into envelopes with policy/TTL/nonce.
  4. Agents verify signature + target binding, then execute in least-privilege sandbox.
  5. Results, telemetry, and audit entries stream back with correlation IDs.

Where to go next

Detailed docs are split by topic. Start with the guide that matches your task:

  • How-to Guide — end-to-end usage (install agent, sign commands, observe audit/telemetry).
  • Security — zero-credential model, signed envelopes, outbound-only trust chain.
  • Brand & Identity — tone, visuals, and communication rules.
  • Purpose & Mission — why we exist, problems we solve (credential theft → lateral movement → domain takeover).
  • API Documentation — REST `/api/v1`, gRPC agent channel (`axinode.agent.v1`), ProblemDetails error model.

Quick facts

  • Zero-credential: no SSH/RDP secrets stored; trust = agent identity + signatures.
  • Outbound-only: no inbound ports, VPNs, or bastions.
  • Signed envelopes: TTL, nonce, tenant/server/agent binding, policy enforcement.
  • Unified surface: UI, CLI, REST, and gRPC share the same command/audit model.