Edictum
Reference API/App Stack

Reference API/App Stack

Optional hosted API and app surface for ruleset delivery, approvals, event ingestion, audit feed, and agent visibility.

AI Assistance

Right page if: you need the shipped API/app surface for ruleset delivery, approvals, events, audit feed, or agent visibility. Wrong page if: you need runtime enforcement, Workflow Gates, or local Gate setup -- see https://docs.edictum.ai/docs/features, https://docs.edictum.ai/docs/guides/workflow-gates, and https://docs.edictum.ai/docs/guides/gate. Gotcha: the reference API/app stack does not execute `kind: Workflow` documents and does not make production tool-call decisions for agents. Enforcement runs in the SDK or Gate runtime.

The reference API/app stack is optional. It is not the product center and it is not the Workflow Gates runtime.

Edictum enforces rules and workflows locally in the agent process or Gate runtime. The hosted API and app are for teams that need remote ruleset delivery, approvals, event ingestion, audit feed, and visibility across agents.

What It Does

  • Hosts rulesets and pushes updates over SSE
  • Accepts decision, audit, and run events from agents
  • Stores approval requests and operator decisions
  • Provides agent and run visibility for server-backed agents
  • Manages API keys, notification channels, and ruleset signing

What It Does Not Do

  • It does not enforce tool calls for the agent
  • It does not evaluate kind: Workflow
  • It does not store workflow stages as the runtime source of truth
  • It does not replace the local SDK or Gate runtime

For runtime governance, start here:

Use It When You Need

  • Remote ruleset updates without redeploying agents
  • Central approval handling for server-backed agents
  • A hosted audit feed and run view
  • Ruleset version history, replay, signing, and hot reload
  • Notification channels for approval requests

Current Docs

Setup

Connect an agent, create an API key, and understand the current hosted surface.

Connecting Agents

Connect Python, TypeScript, or Go agents to the server-backed ruleset path.

Rulesets

Upload, version, replay, sign, and deploy rulesets.

Approvals

Server-backed approval records, approval endpoints, and notification paths.

Notifications support Telegram, Slack, Discord, and webhook channels. Telegram is interactive today; Slack, Discord, and webhook are notification paths.

Security

The reference stack is a security-critical surface, so the trust boundaries matter.

  • Human auth: Clerk-backed operator traffic in the hosted app
  • API keys: workspace-scoped, one-way hashed, edk_-prefixed
  • Workspace isolation: API reads and writes stay workspace-scoped
  • Ruleset signing: server-backed rulesets are signed server-side
  • Fail closed: agents still enforce locally when remote coordination fails

Security model

License

FSL-1.1-ALv2 -- source available, converts to Apache 2.0 after two years.

Last updated on

On this page

What It DoesWhat It Does Not DoUse It When You NeedCurrent DocsSecurityLicense