Zero Trust Control Plane — Documentation
This site documents a proof-of-concept zero-trust session and policy control plane: a backend (Go gRPC) and a web client (Next.js). Here you’ll find documentation for the backend services (auth, sessions, policy engine, org policy config, database, telemetry) and the org admin dashboard.
What's in the docs
- Backend — Authentication (register, login, refresh, MFA), session management and lifecycle, policy engine (OPA/Rego for device-trust/MFA), org policy config (five sections), database schema, audit, health, and telemetry (OpenTelemetry → Collector → Loki / Prometheus / Tempo → Grafana).
- Frontend — Org admin dashboard (Members, Audit log, Policy, Telemetry); how it uses the backend and handles 401 / session invalidation.
- Contributing — Planned documentation and how to extend the docs (see the sidebar).
Quick links
- Auth — Register, login, refresh, JWT flows
- Sessions — Session management, revocation, token invalidation
- Session lifecycle — Creation, heartbeats, revocation, client behavior
- Policy engine — OPA/Rego, policy structure, evaluation flow
- Org policy config — Five sections, sync to org_mfa_settings
- Web dashboard — Org admin: Members, Audit, Policy, Telemetry
- Database — Schema, migrations, codegen
- Telemetry — OpenTelemetry, Collector, Grafana
How to run
Run the backend from backend/, the frontend from frontend/, and this docs site from docs-site/ (see the docs-site README).