Aegis

Aegis Workspace

Developer

Checking session...
AegisAegis Developer Portal

Developer Search

Press ⌘K or Ctrl+K to jump through guides and API endpoint docs.

API Reference

Aegis Platform API

Connect RPC surface for the Aegis zero-knowledge platform. Operations are tagged as `public` (integrator-facing) or `private` (internal/elevated).

Browse available API operations, inspect request and response contracts, and copy code samples to build integrations quickly.

Developer Home
POSTpublicIdentityGatewayServiceAuth Required

Enroll Device

/aegis.v1.IdentityGatewayService/EnrollDevice

Authentication

This endpoint requires a bearer access token. Use short-lived tokens and send them only in the Authorization header.

  • Keep tokens short-lived and rotate them frequently.
  • Never include tokens in query parameters or logs.
  • Use least-privilege scope grants for the caller.
  • Preserve user data ownership boundaries: authenticate and authorize access without transmitting plaintext master key material.

Security Schemes

  • BearerAuthscopes: token must still be policy-allowlisted.

Parameters

NameInRequiredDescription
Connect-Protocol-Versionheaderyes-
Connect-Timeout-Msheaderno-

Request Body (Example)

{
  "device": {
    "deviceId": "string",
    "userId": "string",
    "platform": "string",
    "appVersion": "string",
    "posture": "string",
    "enrolledAt": "2026-01-01T00:00:00Z",
    "lastSeenAt": "2026-01-01T00:00:00Z",
    "revoked": true,
    "displayName": "string",
    "geoTimeZone": "string",
    "geoRegionCode": "string",
    "geoLatitude": null,
    "geoLongitude": null,
    "geoCapturedAtUnix": null,
    "trustedUnlockCapable": true,
    "trustedUnlockKeyId": "string",
    "trustedUnlockAlgorithm": "string",
    "trustedUnlockRegisteredAt": "2026-01-01T00:00:00Z"
  },
  "trustedUnlock": {
    "keyId": "string",
    "algorithm": "string",
    "publicKeySpki": "string"
  }
}

Responses

200

Success

{
  "device": {
    "deviceId": "string",
    "userId": "string",
    "platform": "string",
    "appVersion": "string",
    "posture": "string",
    "enrolledAt": "2026-01-01T00:00:00Z",
    "lastSeenAt": "2026-01-01T00:00:00Z",
    "revoked": true,
    "displayName": "string",
    "geoTimeZone": "string",
    "geoRegionCode": "string",
    "geoLatitude": null,
    "geoLongitude": null,
    "geoCapturedAtUnix": null,
    "trustedUnlockCapable": true,
    "trustedUnlockKeyId": "string",
    "trustedUnlockAlgorithm": "string",
    "trustedUnlockRegisteredAt": "2026-01-01T00:00:00Z"
  }
}
default

Error

{
  "code": "string",
  "message": "string",
  "details": [
    {
      "type": "string",
      "value": "string",
      "debug": {}
    }
  ]
}
curl -X POST "https://aegis-consumer-api-lgbfsi3yxa-uc.a.run.app/aegis.v1.IdentityGatewayService/EnrollDevice" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <YOUR_ID_TOKEN>" \
  -H "Connect-Protocol-Version: 1" \
  -d '{
  "device": {
    "deviceId": "string",
    "userId": "string",
    "platform": "string",
    "appVersion": "string",
    "posture": "string",
    "enrolledAt": "2026-01-01T00:00:00Z",
    "lastSeenAt": "2026-01-01T00:00:00Z",
    "revoked": true,
    "displayName": "string",
    "geoTimeZone": "string",
    "geoRegionCode": "string",
    "geoLatitude": null,
    "geoLongitude": null,
    "geoCapturedAtUnix": null,
    "trustedUnlockCapable": true,
    "trustedUnlockKeyId": "string",
    "trustedUnlockAlgorithm": "string",
    "trustedUnlockRegisteredAt": "2026-01-01T00:00:00Z"
  },
  "trustedUnlock": {
    "keyId": "string",
    "algorithm": "string",
    "publicKeySpki": "string"
  }
}'