Skip to main content
This guide walks you from a fresh workspace to an agent that authenticates with Keydris and operates under a policy you control. You can complete every step from the web console.
1

Create a policy

Open Policy Builder and select Create Policy. Choose what the policy governs: tool calls (actions), payments, or both. Add your rules, set the decision for anything that does not match a rule, and save. Keydris compiles the policy to a Rego module and stores it.See Build a policy for a full walkthrough.
2

Store any secrets the agent needs

If your agent calls a service that requires an API key, open the Vault and add the secret. Keydris encrypts the value and returns a token. Reference the token in your policy rules so the agent never handles the plaintext.See Vault.
3

Issue a KIT for the agent

Open Key Management and select Issue KIT. Name the agent, pick its environment, and attach the policy from step one. Keydris generates a single-use key the agent exchanges at the authorization webhook.See Issue a KIT.
4

Connect the agent

Give the agent the single-use key and the authorization webhook shown on the final step. The agent presents the key once to complete authorization, then operates under the attached policy. Every request it makes is recorded.Watch it work under Audit Logs.

After the first agent

Review the audit trail

Confirm the agent’s actions were recorded and inspect the credential lifecycle for each event.

Add teammates

Invite members and assign roles so the right people can manage agents, policies, and payments.

Connect an integration

Route alerts to Slack or PagerDuty so your team hears about important events in real time.

Understand roles

See exactly what each role can view and change.