Customer A-to-Z

Start in Profile, prove one real boundary, then share verified evidence.

This is the customer path for Profile, API/terminal setup, and proof readiness. Use it to create a workspace, connect the execution path, wrap the first risky action, confirm Profile readback, export proof, and prepare a support bundle if anything gets stuck.

Open Profile API docs OpenAPI JSON Verify proof

First run

The complete customer sequence.

Create Profile account

Create the approved Profile account, confirm the active workspace, and select or create the first agent.

Define the risky action

Pick one action that needs proof first, such as cloud.deploy, db.sandbox.write, customer.export, or credential.export.

Publish policy

Set allowed, review-required, and blocked actions in Profile, then publish and verify the active policy version.

Rotate SDK key

Create the customer SDK key in Account. Store the plaintext value only in the customer secret manager or server environment.

Install and run doctor

Install the CLI from the customer repo and run doctor so the Worker API, readiness route, verifier, and trust registry are checked.

Wrap the first boundary

Use the selected SDK adapter, generic API, MCP authority, scanner, DB sandbox, or protected compute lane where the action actually executes.

Run allowed and blocked proof

Execute one safe action and one blocked-before-body action, then confirm Deployments and Proof show current activity.

Export and share proof

Export JSON or Markdown, verify the packet, then create a buyer/auditor share only after Profile marks the proof current.

Copy command path

Step	Command
Install and check	`npm install -g imladri-cli imladri doctor --customer --worker-url "$IMLADRI_WORKER_URL" --remediate`
Login/connect workspace	`imladri onboard --worker-url "$IMLADRI_WORKER_URL" --email "$IMLADRI_PROFILE_EMAIL" --password "$IMLADRI_PROFILE_PASSWORD"`
Publish policy	`imladri policy publish --allow "ticket.summarize" --review "cloud.deploy" --block "credential.export"`
Run first proof	`imladri proof run --agent-id "$IMLADRI_AGENT_ID" --allowed-action "ticket.summarize" --blocked-action "credential.export"`
Upload scanner	`imladri scan --path . --format json --output imladri-boundary.json --fail-on new --upload`
Verify export	`imladri proof verify --input imladri-proof.json`

Profile

What every tab should tell the customer.

Profile tab	Customer should see
Home	First-run guide, copy commands, last seen in Profile, proof status, and next action.
Agent	Agent mission, allowed/review/blocked actions, published policy, SDK preparation, and deployment state.
Deployments	Recent monitored activity, allowed calls, blocked calls, latency, source, status, and proof export controls.
Proof	Proof packet explanation, freshness badges, scanner/adopter lanes, MCP authority, exports, and share links.
Providers	Optional provider key verification, capacity selection, protected workload setup, auto-stop controls, and launch readiness.
Training	Optional provider run monitor, callback evidence, proof detail, stop/delete controls, and training proof export.
Sandbox	Optional database branch setup, governed transaction, source-isolation proof, export, and branch cleanup.
Account	Workspace identity, SDK key fingerprints, API route map, support bundle export, password, and logout.

API workspace

Routes that connect terminal/API work back to Profile.

Route	Path	Customer use
Public catalog	`GET /api/customer/api`	Shows route ids, auth requirements, and advertised rate limits.
Readiness	`GET /api/customer/readiness`	Shows account, workspace, API, proof, and next-action checks for the signed-in customer.
Agent profile	`GET /api/customer/profile`	Returns the customer workspace, active agent, API access map, and account state.
Runtime evidence	`GET/POST /api/customer/agents/:agentId/runtime-evidence`	Syncs terminal/API proof back into Profile.
Boundary scan	`POST /api/customer/agents/:agentId/boundary-scan`	Uploads scanner findings from terminal or CI into the proof packet.
SDK certification	`POST /api/customer/agents/:agentId/sdk-certification`	Uploads adapter certification packets for the customer-selected stack.
Proof export	`GET /api/customer/agents/:agentId/proof-export`	Exports JSON, Markdown, or PDF proof from the active Profile packet.
Proof share	`GET/POST /api/customer/agents/:agentId/proof-share`	Lists or creates redacted buyer/auditor proof links.

Proof packet

What must be inside before sharing.

Agent and policyActive agent id, mission, policy version, allowed/review/blocked lists, and unknown-action mode.

Allowed actionOne allowed event with source, request id, timestamp, latency, and decision context.

Blocked actionOne denied or halt-required event blocked before the dangerous function body or committed side effect.

Runtime readbackDeployments and Proof show the same latest monitored activity after terminal/API upload.

Scanner or adopter laneIncluded when the customer uses a CI scanner or framework adapter certification.

MCP, hosted, data, or compute laneIncluded only when that lane is in scope for the customer workflow. Missing credentials remain visible as missing.

IntegrityDigest, chain root, packet hash, signature metadata when configured, and redaction context.

Share safetyBuyer/auditor links are redacted and created only after the current packet verifies.

Optional lanes

Add only what the customer actually uses.

MCP authorityIssue short-lived authority tokens for tool hosts instead of long-lived SDK keys.

Hosted workflowRun a credentialed probe only when the customer actually uses that hosted product.

CI scannerRun locally or in CI, then upload findings to the active Profile agent.

Database sandboxCreate a governed branch, run a signed SQL transaction, export proof, and destroy the branch.

Protected computeVerify provider access, launch protected work with auto-stop, monitor callbacks, and clean up resources.

Support bundle

Support step	Detail
Before contacting support	Run doctor, refresh Profile, export the support bundle from Account, and note the active agent id.
What the bundle includes	Account id, workspace id, route map, SDK key fingerprints, recent activity, proof shares, scans, certifications, and proof digest.
What the bundle excludes	Plaintext SDK keys, passwords, provider keys, hosted probe tokens, authority tokens, and private raw payloads.

Final customer acceptance

Area	Done signal
Access	Customer can log in and see the correct Profile workspace and active agent.
API identity	Account shows workspace id, active agent id, route map, and OpenAPI link.
Policy	The agent policy is published and verified.
Runtime proof	At least one allowed and one blocked-before-body event are visible in Profile.
Proof packet	Export verifies locally or in the browser and includes integrity metadata.
Customer-selected lanes	Scanner, adopter, MCP, hosted, DB, or compute lanes are passed or explicitly out of scope.
Cleanup	Old SDK keys are revoked when rotated, DB branches are destroyed, and provider resources are stopped or deleted when used.